Delinea Mobile Overview

The Delinea Mobile app supports logging into multiple Secret Server and Platform tenants. The app also supports biometry to make the user experience convenient as well as secure. Once logged in, users can view secrets that they have permission to see in their Secret Server vault. Users can create new secrets directly in the mobile app, as well as organize secrets into folders.

The app can also be set as an auto-fill provider in the mobile device and fill in user-names and passwords for matching secrets. It also includes convenient time-based one-time password (TOTP) capabilities that can be used with sites and web applications that support TOTP-based authentication

Users can download the Delinea application from the following sources:

The minimum supported versions are iOS 15 and Android 13.

Managing the Delinea Authenticator Application

The Delinea Authenticator app provides a secure way to log in to the Delinea Platform.

The Authenticator app is different from the Delinea Mobile authentication feature.

For more information on the Authenticator app, see Using the Delinea Authenticator Application.

Multi-factor Authentication

The mobile application supports the following MFA mechanisms as used by Secret Server:

  • Delinea Mobile Authenticator

Supporting Biometric Unlock

The mobile application supports using biometric authentication in place of usernames and passwords.

  • Fingerprint (Android and iOS)
  • Facial recognition (iOS only, not all phone/iOS combinations)
  • The application will auto-reconnect to Secret Server if the connection is temporarily dropped due to network issues.

Enabling Autofill

When a user enables their mobile device’s autofill service and then registers Delinea Mobile with that service, users can launch a web session from a secret on the mobile device and automatically populate username and password login credentials on specified web sites or other mobile applications.

When you select the mobile application or web page and click on the username field you should see a prompt from Delinea Mobile to use the autofill service. Click this option to open the mobile app and log in if necessary, and the app runs a search of your secrets for:

  • Browser web site - to search for any secret that has the same Domain value in the URL
  • Other mobile application - to search for any secret that has the same name or URL value as the name of the mobile application that is being filled.

Users can also choose to manually modify the search value and run it again. Once the list of Secret Server Secrets has been returned, you can select which one you want to use and the autofill service will fill those credentials in the related username and password fields.

Currently the autofill service supports only the username and password fields.

Accessing Secrets Offline with Delinea Mobile

Delinea Mobile allows users to download secrets and access them when they have no network connectivity on their mobile device.

For more information, see Working with Secrets.

Downloading Secrets

Users can select individual secrets to download on the Delinea Mobile app. When the Delinea Mobile app detects a lack of network access, it will automatically switch into Offline Mode. In this mode, users can only view secrets they have previously downloaded. Users cannot edit secrets or add new ones in Offline Mode.

The downloaded secrets will have a 'downloaded' icon next to their name in both the secrets list and the secret details. Downloaded secrets will be available offline for a set period of time determined by the configuration settings in Secret Server. The default download expiration is 1 day.

For users to download secrets, they must be granted the 'Access Secrets Offline on Mobile' permission. This permission is not granted by default, even to Administrator roles.

Using Offline Functionality

When the Delinea Mobile app is in Offline Mode, users can still access the downloaded secrets and use any third-party TOTP codes they have already set up in the app. The MFA code used for the Delinea Platform login will also remain active while the app is in Offline Mode.

Secrets with access restrictions, such as "Requires Comment," cannot be downloaded. Additionally, there are no per-secret controls to enable or disable the downloading function.