From de3759fa85cfb1010d80118e565a8e55b2532188 Mon Sep 17 00:00:00 2001
From: rr-bw <102181210+rr-bw@users.noreply.github.com>
Date: Wed, 1 Oct 2025 08:54:33 -0700
Subject: [PATCH] refactor(sso-config-tweaks): [Auth/PM-933] Tweaks to SSO
Config Page (#16374)
Makes some tweaks to the SSO config page:
- SSO Identifier: update hint text
- Single Sign-On Service URL: make required, remove hint text
- Client Secret: make hidden by default (add view/hide toggle)
---
apps/web/src/locales/en/messages.json | 10 +++++++---
.../bit-web/src/app/auth/sso/sso.component.html | 14 ++++++++++----
.../bit-web/src/app/auth/sso/sso.component.ts | 4 +++-
3 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 4bb4c8873ee..35f369aa647 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -5219,9 +5219,13 @@
"ssoIdentifier": {
"message": "SSO identifier"
},
- "ssoIdentifierHintPartOne": {
- "message": "Provide this ID to your members to login with SSO. To bypass this step, set up ",
- "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Provide this ID to your members to login with SSO. To bypass this step, set up Domain verification'"
+ "ssoIdentifierHint": {
+ "message": "Provide this ID to your members to login with SSO. Members can skip entering this identifier during SSO if a claimed domain is set up. ",
+ "description": "This will be used as part of a larger sentence, broken up to include a link. The full sentence will read 'Provide this ID to your members to login with SSO. Members can skip entering this identifier during SSO if a claimed domain is set up. Learn more'"
+ },
+ "claimedDomainsLearnMore": {
+ "message": "Learn more",
+ "description": "This will be used as part of a larger sentence, broken up to include a link. The full sentence will read 'Provide this ID to your members to login with SSO. Members can skip entering this identifier during SSO if a claimed domain is set up. Learn more'"
},
"unlinkSso": {
"message": "Unlink SSO"
diff --git a/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html b/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html
index ef8241b534c..6d2836ee0ba 100644
--- a/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html
+++ b/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html
@@ -30,8 +30,8 @@
{{ "ssoIdentifier" | i18n }}
- {{ "ssoIdentifierHintPartOne" | i18n }}
- {{ "claimedDomains" | i18n }}
+ {{ "ssoIdentifierHint" | i18n }}
+ {{ "claimedDomainsLearnMore" | i18n }}
@@ -209,7 +209,14 @@
{{ "clientSecret" | i18n }}
-
+
+
@@ -488,7 +495,6 @@
formControlName="idpSingleSignOnServiceUrl"
appInputStripSpaces
/>
- {{ "idpSingleSignOnServiceUrlRequired" | i18n }}
diff --git a/bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts b/bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts
index 9baeaabb33f..f68e35bf240 100644
--- a/bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts
+++ b/bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts
@@ -121,6 +121,8 @@ export class SsoComponent implements OnInit, OnDestroy {
spMetadataUrl: string;
spAcsUrl: string;
+ showClientSecret = false;
+
protected openIdForm = this.formBuilder.group>(
{
authority: new FormControl("", Validators.required),
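Review bot: `showClientSecret` is added without an access modifier or a comment, while the form group declared right below it is `protected`. Since the flag only exists to drive the view/hide toggle in the template, I would declare it as `protected showClientSecret = false;` with a one-line doc comment such as `/** Whether the OIDC client secret field is shown in clear text; masked by default. */`. The template markup for the toggle is not visible on this page, so it is worth confirming that the flag goes back to `false` when the configuration is reloaded or saved, so the secret does not stay revealed on screen. The class body continues outside the hunk.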
@@ -156,7 +158,7 @@ export class SsoComponent implements OnInit, OnDestroy {
idpEntityId: new FormControl("", Validators.required),
idpBindingType: new FormControl(Saml2BindingType.HttpRedirect),
- idpSingleSignOnServiceUrl: new FormControl(),
+ idpSingleSignOnServiceUrl: new FormControl("", Validators.required),
idpSingleLogoutServiceUrl: new FormControl(),
idpX509PublicCert: new FormControl("", Validators.required),
idpOutboundSigningAlgorithm: new FormControl(defaultSigningAlgorithm),
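Review bot: `Validators.required` on `idpSingleSignOnServiceUrl` only rejects an empty value, so any non-empty string, including a malformed or non-HTTPS URL, still passes the form. This is the endpoint members are sent to for SAML sign-in, so a format check next to it would catch misconfiguration early, e.g. `new FormControl("", [Validators.required, Validators.pattern(/^https?:\/\/\S+$/i)])`, tightened to `https` only if supported deployments allow it. Server-side validation may already cover this, but it is not visible here. The initial value also changes from `null` to `""`, so confirm that nothing building the save request distinguishes the two. The form-group literal starts and ends outside the hunk.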