GPass Application Guide
What Is GPass?
GPass is Guidewire’s encrypted, single‑use secret‑sharing application. It enables Guidewire to securely deliver passwords, tokens, and other sensitive data to customers, partners, and internal staff without relying on email or chat.
Purpose and benefits of GPass
GPass addresses the critical need for secure secret sharing by:
Eliminating risky practices:
- GPass directly tackles the dangers of emailing credentials or sharing them over chat, which often lack necessary encryption and access controls.
Ensuring secure delivery:
- As an encrypted, single-use application, GPass is specifically designed to deliver sensitive data securely. This encryption protects information in transit and at rest until accessed.
Providing a straightforward workflow:
- Its self-service nature can reduce the need for support tickets related to credential sharing.
Preventing accidental exposure:
- Secrets shared via GPass are designed for one-time retrieval, meaning a secret expires immediately after it's successfully accessed. This significantly reduces the window of opportunity for accidental exposure compared to information persistently stored in emails or chat logs.
Controlled Access:
- With features like multi-factor authentication (MFA) for guest users, GPass ensures that only the intended recipient can view the secret.
Who should use this guide?
This guide is for external Guidewire customers and partners who receive sensitive information via GPass. There are two main types of users:
Users with a Guidewire Cloud account:
- Individuals who already have existing credentials for Guidewire Cloud services. You will use your established Guidewire Cloud account to register for GPass and access secrets.
Guest users (e.g. customers or partners without Guidewire Cloud a ccounts):
- Individuals who do not have Guidewire Cloud credentials but need to receive sensitive data shared via GPass. This path involves a one-time registration process that includes setting up multi-factor authentication (MFA).
If you are unsure whether you have a Guidewire Cloud account or if you've been specifically instructed to register as a guest, please follow the "For Users WITHOUT a Guidewire Cloud Account (Guest Users)" section.
What’s covered?
- One-time user registration for GPass.
- Retrieving secrets via the web UI on desktop or mobile.
| Item | Cloud User | Guest User |
|---|---|---|
E‑mail invitation from gpass‑no‑reply@guidewire.com | ✅ | ✅ |
| Private/Incognito browser window | — | ✅ |
| Guidewire Cloud credentials | ✅ | — |
| Smartphone with Okta Verify | — | ✅ |
| Internet access | ✅ | ✅ |
Key terms and references
| Term | Meaning |
|---|---|
| Secret URL | Unique link in the notification email that opens the secret |
| Registration Code | 6‑digit code e‑mailed to guest users; expires after 10 min |
| Okta Verify | Mobile MFA app that generates time‑based codes for guest login |
How to use GPass
This section outlines the complete user journey with GPass, from the initial invitation to accessing a shared secret. There are two high-level tasks:
- Register your identity with GPass.
- Retrieve your shared secrets.
Follow the path that matches your situation.
Was this page helpful?