Forum Discussion
How do you "tie" accounts together?
ModeratorHello bez825! 👋
Thanks for reaching out! I understand that you're using a domain system (likely similar to Active Directory or another directory service) where you have multiple services all linked to the same directory-controlled username and password but using different login pages.
At the moment the best way to store directory-controlled logins and avoid issues like Watchtower warnings about password reuse is to have a single login item with multiple website URLs or sections. I see that this is the solution that you yourself have already stumbled onto. This is how it would look:
Then, if your directory solution doesn't support the exact same username across services, you can add the various username as custom fields to the item under separate sections. With this setup, you can autofill the password and then copy and paste, or drag and drop, the appropriate username.
Modern single sign-on (SSO) solutions (like Okta or Microsoft Entra) work a little differently. You always sign in on the same login page (controlled by the SSO identity provider) and then the provider signs you into different services. This allows you to avoid having to add each service's website to 1Password.
I can certainly file a feature request on your behalf to have the team look into how we can better support this use case in the future, can you tell me which directory service your organization is using? I'd like to add that detail to the feature request.
-Dave
It's MS AD/LDAP
- 1P_Dave
Thank you for providing the directory solution that you're using! How 1Password supports supports AD/LDAP is something that I personally agree could be improved and I'll add your request and comments to our internal tracker to let our team know that you'd find improvements useful if they were implemented in the future.
-Dave
PB-47401204
Hi 1P_Dave could you please add my notes / 2cts to the tracked request as well as adding specific AD or LDAP features would be very beneficial but it doesn't detract from creating a potential 'web' when connecting various entries (which from a user point can be very convenient as OP declared, but from an programming (for AgileBits) and administrative (for owners) perspective I see a couple caveats that probably can be solved by (providing some way forward) by sub-childing the websites (or other entries) which might make more sense than fully linking? TIA
As already indicated and seconded by 1P_Dave I'd suggest you look into Okta or MS Entra - though there are plenty others like GoAuthentik (http://goauthentik.io) - while there might be a use-case for MS/AD connectivity I highly suggest for (publicly accessible websites) you use some 'known' and trusted source like an SSO and not provide your precious domain credentials through a website.
But the use-case is clear enough I guess, but I do think it's a hefty amount of work which is made much simpler by just creating a single 1password entry for your domain credentials and adding each and every website as a website to that account (like I suggested and Dave elaborated on in screenshots). The other way around (i.e. connecting various entries) would create a monster of a hassle if you ever want to disentangle such a web.
