workspaces-issues
workspaces-issues copied to clipboard
kasmtech
[Feature Request] - Caching (RDP) credentials to allow seamless session resuming
Is your feature request related to a problem? Please describe. In the case of using an Idp and starting a server connection you need to manually provide credentials for the session. However when you close (not destroy) the session and resume it asks you for the credentials once again. Right now there is no real difference between suspending a server session and destroying/deleting it when using manual credentials. (besides that it counts towards your concurrent session limit)
Describe the solution you'd like When resuming a server session the credentials used earlier could be cached along with the session. This way for as long as the session exists when you resume it these credentials are replayed and you can seamlessly resume it without being bothered to enter credentials every time. Only when you "destroy" the session, the cached credentials linked to the session are removed as well. This makes the user experience better and make more sense when you "resume" a running session. It might seem like a minor nuance but these little things can significantly improve the user experience.
I also realized this would be a solution to the previous feature request I posted. If you could also extend this cached credentials idea to the API creation of a Kasm server connection then suddenly you have a form of SSO with credentials linked to that session only, regardless of how the user logged on. If the session is destroyed so are the credentials linked to it. No need to build a secrets manager that responsibility is put on the API caller creating the session. All Kasm is responsible for is destroying the session and its cached credentials along with it.
So on one hand if you just allowed credentials to be cached when you first make the connection you get an overall better user experience and if you wanted to leverage the API you even get a form passwordless authentication without worrying about managing secrets or certificates outside the session on Kasm. The latter would be a good incentive to upgrade to the Enterprise license too.