Yes - you are correct. User can only map the username from the login and not the password - the reason being, normally - the when SSO is enabled - the SA can cache the username and password which is secured and this is used to relay it back to the server, so that the backend server thinks that the client (you) is trying to login while it's done by the SA for you. In this case, since the user is creating the bookmark - storing the password on any cookie / client machine on the fly is insecure and thus, we only give permission to map the username. However, the password can be stored manually on a browser. Hope the above answers your question. Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks
... View more