caption: Password synchronization between third-party SSO providers and Chrome devices
default: false
desc: |-
Enables SAML password sync between multiple Chrome devices by monitoring the value of password sync token and sending a user through the online re-authentication if password was updated and needs to be synchronized.
Enables a page at chrome://password-change that lets SAML users change their SAML passwords while in-session, which ensures that the SAML password and the device lockscreen password are kept in-sync.
This policy also enables notifications that warn SAML users if their SAML passwords are soon to expire so that they can deal with this immediately by doing an in-session password change.
But, these notifications will only be shown if password expiry information is sent to the device by the SAML identity provider during the SAML login flow.
Setting this policy to Disabled or not set, SAML password can't be changed at chrome://password-change and there won't be any notification when SAML passwords are soon to expire.
example_value: true
features:
dynamic_refresh: true
per_profile: false
items:
- caption: Trigger authentication flows to synchronize passwords with SSO providers
value: true
- caption: Do not trigger authentication flows for password synchronization
value: false
owners:
- [email protected]
- [email protected]
schema:
type: boolean
supported_on:
- chrome_os:98-
tags: []
type: main
Codebase Browser
chromium