EoL: The SSO agent connection has been deprecated


Why has it been deprecated?

NOTE: Please also see the FAQ below
The connection between the SSO agent and the Browser extension uses legacy technology which does not support the latest product features, and thus this connection mode will be removed in an upcoming version.
Therefore, we implemented a notice banner like the following, to inform ahead:


How do I delete the SSO agent connection and switch to server mode?

To be able to continue using the browser extension, it is necessary to switch to the server-based connection mode.
NOTE: Before you continue, ensure you have access to the Password Secure web application.
Step 1: Choose your browser specific settings link:
Step 2: Switch from "SSO agent" to "Server mode" as shown in the picture below:
Step 3: You can now close the tab. The changes were automatically saved, and you successfully switched to "Server mode".

How can I connect the browser extension now?

Step 1: To configure the "Server mode" connection profile, please log in to your browser application.


Step 2: After logging in, the browser extension now offers the function "Adopt WebClient profile". This will automatically configure the "Server mode" profile for you.
Congratulations! You can now log in to the browser extension and benefit from new features.




1. Why did you add the warning to the user interface instead of just informing the administrators?

If the administrator is aware that users have adopted this connection type and can also furnish them with the new connection option, it offers a swift resolution. However, users also have the option to configure the connection independently. Hence, with this message, we aim to directly engage all users, empowering them to take necessary actions.

2. Will there be an alternative for customers not running a web server?

Unfortunately, there will be no alternative to the web app. We're actively consolidating connection interfaces in our solution for security and performance enhancements. The web endpoint hosted on our server takes precedence as our top priority endpoint. It offers optimal performance, comprehensive features, and superior security. We strongly advise utilizing this endpoint overall, as the browser extensions will completely rely on it.

3. Are there plans to provide an older browser extension version for customers with "long update prep time"?

Due to restrictions imposed by various browsers on sideloading extensions from unauthorized sources, providing the old version would be impractical. However, if you wish to continue using the old version, we recommend disabling automatic updates of the browser extension in your browser.

4. Are there plans to bring back the functionality (login on Windows level, using this authenticated session for the browser extension) at some point - maybe using the Windows app instead of the SSO Agent?

As our primary focus lies in developing and securing the web endpoint for our customers, we have to inform you that we will not be reintroducing this or a similar functionality in the future.

5. When exactly do we plan to push the announced changes (EOL SSO Agent Connection for the Browser Extensions)?

The SSO agent connection for the browser extension will remain active until end of May 2024. The deprecation will be announced through the usual newsletter channels with the release of version 9.1.0.

6. Can the change be carried out remotely / with batch processing?

Unfortunately, remote profile distribution or batch processing isn't feasible due to the absence of Group Policy Objects (GPOs) for configuring the extension. However, users can independently switch to server mode by logging into the web app and selecting 'Adopt web app profile'.

7. Is a solution planned so that the login to the browser extension is not lost when the browser is restarted?

No, it is not planned to change this behavior: Customers must log in to the browser extension again every time the browser has been closed, in terms of security.

Have more questions? Submit a request