Feature Request: PassBolt Support for Sony PlayStation (PS4/PS5) - Implementation Roadmap & Technical Proposal

Feature requests
1

Q1. What is the problem that you are trying to solve?

Enterprise and institutional environments increasingly deploy Sony PlayStation consoles (corporate lounges, esports/training facilities, digital signage and kiosk deployments, educational institutions with gaming programs), but PassBolt currently has no first-class story for managing credentials on these devices. Users either type long passwords manually with a controller, share weak credentials across staff, or bypass the password manager entirely — all of which undermine the credential-hygiene posture PassBolt is meant to enforce.

The problem would be considered solved when an enterprise user can sign in to PlayStation accounts and in-console services using credentials retrieved from PassBolt without manually re-typing them on the console, and when shared-device deployments can be audited centrally.

Q2. Who is impacted?

The change benefits:

  • Enterprise PassBolt customers operating shared PlayStation deployments (corporate, hospitality, esports, education).

  • IT administrators responsible for credential hygiene and compliance on non-traditional endpoints.

  • Individual PassBolt users who own a PlayStation and want consistent credential management across all their devices.

This is not a universal feature for every PassBolt user, but it addresses a specific and growing segment of enterprise gaming and shared-console use cases.

Q3. Why is it important and/or urgent?

Strategically, expanding PassBolt to gaming consoles signals that PassBolt is the credential manager for every endpoint an enterprise owns, not just desktops and phones. It is timely because:

  • Sony has recently added passkey support on PlayStation, which means third-party credential providers can now plug in via the mobile device flow — the platform door is open in a way it was not a year ago.

  • Enterprise gaming deployments are growing, and competing password managers do not yet have a console story either — first-mover advantage is available.

  • Phase 1 (Android autofill in the PS App) and Phase 4 (passkey enhancement) can both be delivered with minimal new platform-specific development, so the cost-to-value ratio is favorable now.

Q4. What is your proposed solution?

Current state analysis

PlayStation platform capabilities:

  • Web browser: PS5 contains a WebKit-based browser (User Agent: Mozilla/5.0 (PlayStation; PlayStation 5/X.XX) AppleWebKit/605.1.15) accessible via hidden methods.

  • Passkey support: Recently added — supports third-party password managers via mobile device authentication.

  • PS App: Robust mobile companion app (Android/iOS) with account linking capabilities.

  • API limitations: No native third-party password manager APIs exposed to developers.

PassBolt existing infrastructure:

  • REST API with full CRUD operations for credentials.

  • Android Autofill Framework support (already implemented).

  • Browser extensions for Chrome, Firefox, Edge.

  • Mobile apps with biometric authentication.

  • CLI and SDKs for automation.

Phase 1 — PS App for Android integration (short term)

Approach: Leverage PassBolt’s existing Android Autofill Framework support within the PlayStation App.

Technical implementation:

  1. Autofill service detection: Ensure PassBolt’s Android autofill service properly detects login fields within the PS App’s WebView components.

  2. Deep linking: Implement a passbolt:// URI scheme to allow credential handoff from PassBolt mobile to PS App.

  3. Quick Access overlay: Enable PassBolt’s Quick Access feature to appear as an overlay within PS App when credential input is detected.

User story: As an enterprise user signing into the PS App on Android, I can have PassBolt autofill my PlayStation credentials with a biometric confirmation, so that I never type the password on a controller.

Test scenario (given/when/then):

  • Given the PassBolt Android app is installed and configured as the system autofill service,

  • When the user opens the PS App and focuses the PSN account login field,

  • Then a PassBolt autofill prompt appears, biometric authentication unlocks it, and the matching credential is filled into the PS App without manual typing.

Phase 2 — Web browser extension (medium term)

Approach: Develop a lightweight PassBolt browser extension compatible with PS5’s WebKit browser.

Technical requirements:

  1. User-agent detection: PassBolt extension detects PlayStation browser UA and adapts UI for controller navigation.

  2. Controller input mapping: Map DualSense/DualShock controls:

    • D-pad / Left Stick — Navigation

    • X — Select / Confirm

    • Circle — Back / Cancel

    • Touchpad — Text input assistance

  3. Simplified UI: A “Big Picture”-style interface optimized for TV displays.

Implementation path: PS5’s browser is WebKit-based, so PassBolt’s existing Safari extension codebase could be adapted. Sideloading would require a Sony developer partnership or enterprise MDM deployment.

Challenges: The PS5 browser is hidden/unsupported by Sony, extension installation requires Sony approval or enterprise MDM, and browser functionality is limited compared to desktop.

Phase 3 — Native PlayStation app (long term)

Approach: Develop an official PassBolt app for PlayStation Store (PS4/PS5).

Technical architecture:

  1. Web-based app using PlayStation’s WebGL/HTML5 application framework.

  2. API integration: Direct REST API calls to PassBolt server instances.

  3. Secure storage: Leverage PlayStation’s encrypted storage APIs for local credential cache.

  4. Controller-optimized UI: Full TV-optimized interface.

Features: view/search credential vault, copy passwords to clipboard for pasting into games/apps, TOTP code generation, secure note access, admin functions for enterprise users.

Requirements: Sony developer partnership, PassBolt Cloud and self-hosted support, compliance with PlayStation Store policies.

Phase 4 — Passkey and cross-device authentication (immediate opportunity)

Approach: Enhance PassBolt’s existing passkey support to work seamlessly with PlayStation’s implementation.

Current status: PlayStation now supports passkeys via mobile device authentication. Users can sign in without passwords using their phone’s biometric authentication.

PassBolt enhancement:

  1. Passkey storage: Ensure PassBolt can store and sync PlayStation account passkeys.

  2. Cross-device flow: Optimize mobile-to-PlayStation handoff — user attempts PlayStation login, QR code or proximity prompt appears, PassBolt mobile receives notification, biometric confirmation on phone triggers automatic PlayStation sign-in.

  3. Enterprise policy: Allow IT admins to mandate passkey usage for PlayStation accounts.

User story: As an enterprise user signing into a shared PlayStation, I can approve the login from my PassBolt mobile app with a passkey, so that no shared password ever touches the console.

Test scenario (given/when/then):

  • Given a PassBolt-stored passkey is registered for a PlayStation account,

  • When the user initiates sign-in on the PS5 and selects “use a phone or other device,”

  • Then the PassBolt mobile app receives a passkey prompt, biometric approval signs the challenge, and the console completes sign-in without a typed password.

Alternative integration — enterprise proxy approach

For organizations needing immediate solutions:

  • Web credential proxy: Deploy a PassBolt-connected web portal accessible via the PS5 browser. Users authenticate to PassBolt in the browser, then copy-paste credentials into PlayStation login fields, with a screen-optimized interface for controller navigation.

  • Mobile companion mode: Use the PassBolt mobile app as the “keyboard” for PlayStation, sending credentials via PlayStation’s Second Screen protocol and eliminating manual typing on console.

Security considerations

  1. Shared device management: Enterprise PlayStation consoles are often shared. Implement session timeouts, PIN protection for PassBolt access, and automatic logout on controller disconnect.

  2. Network security: PlayStation-to-PassBolt-server communications must use TLS 1.3, certificate pinning, and VPN tunneling for self-hosted instances.

  3. Audit logging: Track all credential access from PlayStation devices for compliance.

Non-functional requirements

  • No reduction in PassBolt’s existing zero-knowledge security guarantees.

  • All console-side code paths must be reviewable as open source, consistent with PassBolt’s licensing posture.

  • Feature must work for both PassBolt Cloud and self-hosted deployments.

Questions for the PassBolt team

  1. Is there interest in officially supporting gaming console platforms?

  2. Can the Android autofill implementation be enhanced to better detect WebView fields in companion apps like the PS App?

  3. Would PassBolt consider a “universal web interface” optimized for controller/TV navigation that could also work on PS5’s browser?

Questions for the community

  1. Are other organizations facing similar PlayStation credential management challenges?

  2. Would a controller-optimized web interface be useful for other TV-based browsing scenarios?

Q5. Community support

People can vote for this idea to show traction:

  • [ 1 ] Must have: this is critical for me to have this

  • [ 2 ] Should have: this is important for me to have this

  • [ 3 ] Could have: this could be nice to have

  • [ 4 ] Won’t have: we should not schedule this (explain why)