Merge branch 'main' into renovate/lock-file-maintenance

.github/workflows/build.yml

@@ -16,8 +16,6 @@ jobs:
   cloc:
     name: CLOC
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
     steps:
       - name: Checkout repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -34,8 +32,6 @@ jobs:
   setup:
     name: Setup
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
     outputs:
       package_version: ${{ steps.retrieve-version.outputs.package_version }}
     steps:
@@ -57,8 +53,6 @@ jobs:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
       _PKG_FETCH_NODE_VERSION: 18.5.0
       _PKG_FETCH_VERSION: 3.4
-    permissions:
-      contents: read
     steps:
       - name: Checkout repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -138,8 +132,6 @@ jobs:
     name: Build Mac CLI
     runs-on: macos-13
     needs: setup
-    permissions:
-      contents: read
     env:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
       _PKG_FETCH_NODE_VERSION: 18.5.0
@@ -216,8 +208,6 @@ jobs:
     name: Build Windows CLI
     runs-on: windows-2022
     needs: setup
-    permissions:
-      contents: read
     env:
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
       _WIN_PKG_FETCH_VERSION: 18.5.0
@@ -351,9 +341,6 @@ jobs:
     name: Build Windows GUI
     runs-on: windows-2022
     needs: setup
-    permissions:
-      contents: read
-      id-token: write
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -385,12 +372,10 @@ jobs:
       - name: Install Node dependencies
         run: npm install
 
-      - name: Log in to Azure
+      - name: Login to Azure
-        uses: bitwarden/gh-actions/azure-login@main
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
@@ -403,9 +388,6 @@ jobs:
             code-signing-client-secret,
             code-signing-cert-name"
 
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Build & Sign
         run: npm run dist:win
         env:
@@ -449,8 +431,6 @@ jobs:
     name: Build Linux GUI
     runs-on: ubuntu-24.04
     needs: setup
-    permissions:
-      contents: read
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -505,9 +485,6 @@ jobs:
     name: Build MacOS GUI
     runs-on: macos-13
     needs: setup
-    permissions:
-      contents: read
-      id-token: write
     env:
       NODE_OPTIONS: --max_old_space_size=4096
       _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
@@ -535,19 +512,10 @@ jobs:
           echo "GitHub ref: $GITHUB_REF"
           echo "GitHub event: $GITHUB_EVENT"
 
-      - name: Log in to Azure
+      - name: Login to Azure
-        uses: bitwarden/gh-actions/azure-login@main
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-directory-connector
-          secrets: "KEYCHAIN-PASSWORD,APP-STORE-CONNECT-AUTH-KEY,APP-STORE-CONNECT-TEAM-ISSUER"
 
       - name: Get certificates
         run: |
@@ -562,12 +530,9 @@ jobs:
           az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/macdev-cert |
             jq -r .value | base64 -d > $HOME/certificates/macdev-cert.p12
 
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Set up keychain
         env:
-          KEYCHAIN_PASSWORD: ${{ steps.get-kv-secrets.outputs.KEYCHAIN-PASSWORD }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
         run: |
           security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
           security default-keychain -s build.keychain
@@ -601,13 +566,13 @@ jobs:
         run: |
           mkdir ~/private_keys
           cat << EOF > ~/private_keys/AuthKey_UFD296548T.p8
-          ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-AUTH-KEY }}
+          ${{ secrets.APP_STORE_CONNECT_AUTH_KEY }}
           EOF
 
       - name: Build application
         run: npm run dist:mac
         env:
-          APP_STORE_CONNECT_TEAM_ISSUER: ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-TEAM-ISSUER }}
+          APP_STORE_CONNECT_TEAM_ISSUER: ${{ secrets.APP_STORE_CONNECT_TEAM_ISSUER }}
           APP_STORE_CONNECT_AUTH_KEY: UFD296548T
           APP_STORE_CONNECT_AUTH_KEY_PATH: ~/private_keys/AuthKey_UFD296548T.p8
           CSC_FOR_PULL_REQUEST: true
@@ -653,8 +618,6 @@ jobs:
       - windows-gui
       - linux-gui
       - macos-gui
-    permissions:
-      id-token: write
     steps:
       - name: Check if any job failed
         if: |
@@ -664,13 +627,11 @@ jobs:
           && contains(needs.*.result, 'failure')
         run: exit 1
 
-      - name: Log in to Azure
+      - name: Login to Azure - CI subscription
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         if: failure()
-        uses: bitwarden/gh-actions/azure-login@main
         with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
 
       - name: Retrieve secrets
         id: retrieve-secrets
@@ -680,9 +641,6 @@ jobs:
           keyvault: "bitwarden-ci"
           secrets: "devops-alerts-slack-webhook-url"
 
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Notify Slack on failure
         uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
         if: failure()

.github/workflows/release.yml

@@ -20,8 +20,6 @@ jobs:
   setup:
     name: Setup
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
     outputs:
       release_version: ${{ steps.version.outputs.version }}
     steps:
@@ -50,10 +48,6 @@ jobs:
     name: Release
     runs-on: ubuntu-24.04
     needs: setup
-    permissions:
-      actions: read
-      packages: read
-      contents: write
     steps:
       - name: Download all artifacts
         if: ${{ inputs.release_type != 'Dry Run' }}

.github/workflows/scan.yml

@@ -12,7 +12,7 @@ on:
   pull_request_target:
     types: [opened, synchronize, reopened]
     branches:
-      - main
+      - "main"
 
 permissions: {}
 
@@ -31,7 +31,6 @@ jobs:
       contents: read
       pull-requests: write
       security-events: write
-      id-token: write
 
     steps:
       - name: Check out repo
@@ -39,33 +38,16 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Log in to Azure
-        uses: bitwarden/gh-actions/azure-login@main
-        with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-org-bitwarden
-          secrets: "CHECKMARX-TENANT,CHECKMARX-CLIENT-ID,CHECKMARX-SECRET"
-
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Scan with Checkmarx
         uses: checkmarx/ast-github-action@184bf2f64f55d1c93fd6636d539edf274703e434 # 2.0.41
         env:
           INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}"
         with:
           project_name: ${{ github.repository }}
-          cx_tenant: ${{ steps.get-kv-secrets.outputs.CHECKMARX-TENANT }}
+          cx_tenant: ${{ secrets.CHECKMARX_TENANT }}
           base_uri: https://ast.checkmarx.net/
-          cx_client_id: ${{ steps.get-kv-secrets.outputs.CHECKMARX-CLIENT-ID }}
+          cx_client_id: ${{ secrets.CHECKMARX_CLIENT_ID }}
-          cx_client_secret: ${{ steps.get-kv-secrets.outputs.CHECKMARX-SECRET }}
+          cx_client_secret: ${{ secrets.CHECKMARX_SECRET }}
           additional_params: |
             --report-format sarif \
             --filter "state=TO_VERIFY;PROPOSED_NOT_EXPLOITABLE;CONFIRMED;URGENT" \
@@ -85,7 +67,6 @@ jobs:
     permissions:
       contents: read
       pull-requests: write
-      id-token: write
 
     steps:
       - name: Check out repo
@@ -94,27 +75,10 @@ jobs:
           fetch-depth: 0
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Log in to Azure
-        uses: bitwarden/gh-actions/azure-login@main
-        with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-org-bitwarden
-          secrets: "SONAR-TOKEN"
-
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Scan with SonarCloud
         uses: sonarsource/sonarqube-scan-action@2500896589ef8f7247069a56136f8dc177c27ccf # v5.2.0
         env:
-          SONAR_TOKEN: ${{ steps.get-kv-secrets.outputs.SONAR-TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         with:
           args: >
             -Dsonar.organization=${{ github.repository_owner }}

.github/workflows/version-bump.yml

@@ -12,9 +12,6 @@ jobs:
   bump_version:
     name: Bump Version
     runs-on: ubuntu-24.04
-    permissions:
-      contents: write
-      id-token: write
     steps:
       - name: Validate version input
         if: ${{ inputs.version_number_override != '' }}
@@ -22,29 +19,12 @@ jobs:
         with:
           version: ${{ inputs.version_number_override }}
 
-      - name: Log in to Azure
-        uses: bitwarden/gh-actions/azure-login@main
-        with:
-          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
-          client_id: ${{ secrets.AZURE_CLIENT_ID }}
-
-      - name: Get Azure Key Vault secrets
-        id: get-kv-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: gh-org-bitwarden
-          secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
-
-      - name: Log out from Azure
-        uses: bitwarden/gh-actions/azure-logout@main
-
       - name: Generate GH App token
         uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
         id: app-token
         with:
-          app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
+          app-id: ${{ secrets.BW_GHAPP_ID }}
-          private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
+          private-key: ${{ secrets.BW_GHAPP_KEY }}
 
       - name: Checkout Branch
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

README.md

@@ -9,7 +9,7 @@ Supported directories:
 
 - Active Directory
 - Any other LDAP-based directory
-- Microsoft Entra ID
+- Azure Active Directory
 - G Suite (Google)
 - Okta
 

package.json

@@ -2,7 +2,7 @@
   "name": "@bitwarden/directory-connector",
   "productName": "Bitwarden Directory Connector",
   "description": "Sync your user directory to your Bitwarden organization.",
-  "version": "2025.6.1",
+  "version": "2025.6.0",
   "keywords": [
     "bitwarden",
     "password",

src/abstractions/state.service.ts

@@ -3,7 +3,7 @@ import { StorageOptions } from "@/jslib/common/src/models/domain/storageOptions"
 
 import { DirectoryType } from "@/src/enums/directoryType";
 import { Account } from "@/src/models/account";
-import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
+import { AzureConfiguration } from "@/src/models/azureConfiguration";
 import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
 import { LdapConfiguration } from "@/src/models/ldapConfiguration";
 import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -17,7 +17,7 @@ export abstract class StateService extends BaseStateServiceAbstraction<Account>
     config:
       | LdapConfiguration
       | GSuiteConfiguration
-      | EntraIdConfiguration
+      | AzureConfiguration
       | OktaConfiguration
       | OneLoginConfiguration,
   ) => Promise<any>;
@@ -25,8 +25,8 @@ export abstract class StateService extends BaseStateServiceAbstraction<Account>
   setLdapConfiguration: (value: LdapConfiguration, options?: StorageOptions) => Promise<void>;
   getGsuiteConfiguration: (options?: StorageOptions) => Promise<GSuiteConfiguration>;
   setGsuiteConfiguration: (value: GSuiteConfiguration, options?: StorageOptions) => Promise<void>;
-  getEntraConfiguration: (options?: StorageOptions) => Promise<EntraIdConfiguration>;
+  getAzureConfiguration: (options?: StorageOptions) => Promise<AzureConfiguration>;
-  setEntraConfiguration: (value: EntraIdConfiguration, options?: StorageOptions) => Promise<void>;
+  setAzureConfiguration: (value: AzureConfiguration, options?: StorageOptions) => Promise<void>;
   getOktaConfiguration: (options?: StorageOptions) => Promise<OktaConfiguration>;
   setOktaConfiguration: (value: OktaConfiguration, options?: StorageOptions) => Promise<void>;
   getOneLoginConfiguration: (options?: StorageOptions) => Promise<OneLoginConfiguration>;

src/app/tabs/settings.component.html

@@ -242,7 +242,7 @@
             </div>
           </div>
         </div>
-        <div [hidden]="directory != directoryType.EntraID">
+        <div [hidden]="directory != directoryType.AzureActiveDirectory">
           <div class="mb-3">
             <label for="identityAuthority" class="form-label">{{
               "identityAuthority" | i18n
@@ -251,10 +251,10 @@
               class="form-select"
               id="identityAuthority"
               name="IdentityAuthority"
-              [(ngModel)]="entra.identityAuthority"
+              [(ngModel)]="azure.identityAuthority"
             >
-              <option value="login.microsoftonline.com">Entra Id Public</option>
+              <option value="login.microsoftonline.com">Azure AD Public</option>
-              <option value="login.microsoftonline.us">Entra Id Government</option>
+              <option value="login.microsoftonline.us">Azure AD Government</option>
             </select>
           </div>
           <div class="mb-3">
@@ -264,7 +264,7 @@
               class="form-control"
               id="tenant"
               name="Tenant"
-              [(ngModel)]="entra.tenant"
+              [(ngModel)]="azure.tenant"
             />
             <div class="form-text">{{ "ex" | i18n }} companyad.onmicrosoft.com</div>
           </div>
@@ -275,29 +275,29 @@
               class="form-control"
               id="applicationId"
               name="ApplicationId"
-              [(ngModel)]="entra.applicationId"
+              [(ngModel)]="azure.applicationId"
             />
           </div>
           <div class="mb-3">
             <label for="secretKey" class="form-label">{{ "secretKey" | i18n }}</label>
             <div class="input-group">
               <input
-                type="{{ showEntraKey ? 'text' : 'password' }}"
+                type="{{ showAzureKey ? 'text' : 'password' }}"
                 class="form-control"
                 id="secretKey"
                 name="SecretKey"
-                [(ngModel)]="entra.key"
+                [(ngModel)]="azure.key"
               />
               <button
                 type="button"
                 class="btn btn-outline-secondary"
                 appA11yTitle="{{ 'toggleVisibility' | i18n }}"
-                (click)="toggleEntraKey()"
+                (click)="toggleAzureKey()"
               >
                 <i
                   class="bwi bwi-lg"
                   aria-hidden="true"
-                  [ngClass]="showEntraKey ? 'bwi-eye-slash' : 'bwi-eye'"
+                  [ngClass]="showAzureKey ? 'bwi-eye-slash' : 'bwi-eye'"
                 ></i>
               </button>
             </div>
@@ -607,7 +607,7 @@
             <div class="form-text" *ngIf="directory === directoryType.Ldap">
               {{ "ex" | i18n }} (&amp;(givenName=John)(|(l=Dallas)(l=Austin)))
             </div>
-            <div class="form-text" *ngIf="directory === directoryType.EntraID">
+            <div class="form-text" *ngIf="directory === directoryType.AzureActiveDirectory">
               {{ "ex" | i18n }} exclude:joe&#64;company.com
             </div>
             <div class="form-text" *ngIf="directory === directoryType.Okta">
@@ -684,7 +684,7 @@
             <div class="form-text" *ngIf="directory === directoryType.Ldap">
               {{ "ex" | i18n }} (&amp;(objectClass=group)(!(cn=Sales*))(!(cn=IT*)))
             </div>
-            <div class="form-text" *ngIf="directory === directoryType.EntraID">
+            <div class="form-text" *ngIf="directory === directoryType.AzureActiveDirectory">
               {{ "ex" | i18n }} include:Sales,IT
             </div>
             <div class="form-text" *ngIf="directory === directoryType.Okta">

src/app/tabs/settings.component.ts

@@ -5,7 +5,7 @@ import { LogService } from "@/jslib/common/src/abstractions/log.service";
 
 import { StateService } from "../../abstractions/state.service";
 import { DirectoryType } from "../../enums/directoryType";
-import { EntraIdConfiguration } from "../../models/entraIdConfiguration";
+import { AzureConfiguration } from "../../models/azureConfiguration";
 import { GSuiteConfiguration } from "../../models/gsuiteConfiguration";
 import { LdapConfiguration } from "../../models/ldapConfiguration";
 import { OktaConfiguration } from "../../models/oktaConfiguration";
@@ -22,13 +22,13 @@ export class SettingsComponent implements OnInit, OnDestroy {
   directoryType = DirectoryType;
   ldap = new LdapConfiguration();
   gsuite = new GSuiteConfiguration();
-  entra = new EntraIdConfiguration();
+  azure = new AzureConfiguration();
   okta = new OktaConfiguration();
   oneLogin = new OneLoginConfiguration();
   sync = new SyncConfiguration();
   directoryOptions: any[];
   showLdapPassword = false;
-  showEntraKey = false;
+  showAzureKey = false;
   showOktaKey = false;
   showOneLoginSecret = false;
 
@@ -42,7 +42,7 @@ export class SettingsComponent implements OnInit, OnDestroy {
     this.directoryOptions = [
       { name: this.i18nService.t("select"), value: null },
       { name: "Active Directory / LDAP", value: DirectoryType.Ldap },
-      { name: "Entra ID", value: DirectoryType.EntraID },
+      { name: "Azure Active Directory", value: DirectoryType.AzureActiveDirectory },
       { name: "G Suite (Google)", value: DirectoryType.GSuite },
       { name: "Okta", value: DirectoryType.Okta },
       { name: "OneLogin", value: DirectoryType.OneLogin },
@@ -56,9 +56,10 @@ export class SettingsComponent implements OnInit, OnDestroy {
     this.gsuite =
       (await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
       this.gsuite;
-    this.entra =
+    this.azure =
-      (await this.stateService.getDirectory<EntraIdConfiguration>(DirectoryType.EntraID)) ||
+      (await this.stateService.getDirectory<AzureConfiguration>(
-      this.entra;
+        DirectoryType.AzureActiveDirectory,
+      )) || this.azure;
     this.okta =
       (await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
     this.oneLogin =
@@ -79,7 +80,7 @@ export class SettingsComponent implements OnInit, OnDestroy {
     await this.stateService.setDirectoryType(this.directory);
     await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
     await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
-    await this.stateService.setDirectory(DirectoryType.EntraID, this.entra);
+    await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
     await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
     await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
     await this.stateService.setSync(this.sync);
@@ -134,8 +135,8 @@ export class SettingsComponent implements OnInit, OnDestroy {
     document.getElementById("password").focus();
   }
 
-  toggleEntraKey() {
+  toggleAzureKey() {
-    this.showEntraKey = !this.showEntraKey;
+    this.showAzureKey = !this.showAzureKey;
     document.getElementById("secretKey").focus();
   }
 

src/commands/config.command.ts

@@ -8,7 +8,7 @@ import { MessageResponse } from "@/jslib/node/src/cli/models/response/messageRes
 
 import { StateService } from "../abstractions/state.service";
 import { DirectoryType } from "../enums/directoryType";
-import { EntraIdConfiguration } from "../models/entraIdConfiguration";
+import { AzureConfiguration } from "../models/azureConfiguration";
 import { GSuiteConfiguration } from "../models/gsuiteConfiguration";
 import { LdapConfiguration } from "../models/ldapConfiguration";
 import { OktaConfiguration } from "../models/oktaConfiguration";
@@ -20,7 +20,7 @@ export class ConfigCommand {
   private directory: DirectoryType;
   private ldap = new LdapConfiguration();
   private gsuite = new GSuiteConfiguration();
-  private entra = new EntraIdConfiguration();
+  private azure = new AzureConfiguration();
   private okta = new OktaConfiguration();
   private oneLogin = new OneLoginConfiguration();
   private sync = new SyncConfiguration();
@@ -54,11 +54,8 @@ export class ConfigCommand {
         case "gsuite.key":
           await this.setGSuiteKey(value);
           break;
-        // Azure Active Directory was renamed to Entra ID, but we've kept the old key name
-        // to be backwards compatible with existing configurations.
         case "azure.key":
-        case "entra.key":
+          await this.setAzureKey(value);
-          await this.setEntraIdKey(value);
           break;
         case "okta.token":
           await this.setOktaToken(value);
@@ -105,9 +102,9 @@ export class ConfigCommand {
     await this.saveConfig();
   }
 
-  private async setEntraIdKey(key: string) {
+  private async setAzureKey(key: string) {
     await this.loadConfig();
-    this.entra.key = key;
+    this.azure.key = key;
     await this.saveConfig();
   }
 
@@ -130,9 +127,10 @@ export class ConfigCommand {
     this.gsuite =
       (await this.stateService.getDirectory<GSuiteConfiguration>(DirectoryType.GSuite)) ||
       this.gsuite;
-    this.entra =
+    this.azure =
-      (await this.stateService.getDirectory<EntraIdConfiguration>(DirectoryType.EntraID)) ||
+      (await this.stateService.getDirectory<AzureConfiguration>(
-      this.entra;
+        DirectoryType.AzureActiveDirectory,
+      )) || this.azure;
     this.okta =
       (await this.stateService.getDirectory<OktaConfiguration>(DirectoryType.Okta)) || this.okta;
     this.oneLogin =
@@ -146,7 +144,7 @@ export class ConfigCommand {
     await this.stateService.setDirectoryType(this.directory);
     await this.stateService.setDirectory(DirectoryType.Ldap, this.ldap);
     await this.stateService.setDirectory(DirectoryType.GSuite, this.gsuite);
-    await this.stateService.setDirectory(DirectoryType.EntraID, this.entra);
+    await this.stateService.setDirectory(DirectoryType.AzureActiveDirectory, this.azure);
     await this.stateService.setDirectory(DirectoryType.Okta, this.okta);
     await this.stateService.setDirectory(DirectoryType.OneLogin, this.oneLogin);
     await this.stateService.setSync(this.sync);

src/enums/directoryType.ts

@@ -1,6 +1,6 @@
 export enum DirectoryType {
   Ldap = 0,
-  EntraID = 1,
+  AzureActiveDirectory = 1,
   GSuite = 2,
   Okta = 3,
   OneLogin = 4,

src/models/account.ts

@@ -2,7 +2,7 @@ import { Account as BaseAccount } from "@/jslib/common/src/models/domain/account
 
 import { DirectoryType } from "@/src/enums/directoryType";
 
-import { EntraIdConfiguration } from "./entraIdConfiguration";
+import { AzureConfiguration } from "./azureConfiguration";
 import { GSuiteConfiguration } from "./gsuiteConfiguration";
 import { LdapConfiguration } from "./ldapConfiguration";
 import { OktaConfiguration } from "./oktaConfiguration";
@@ -29,10 +29,7 @@ export class ClientKeys {
 export class DirectoryConfigurations {
   ldap: LdapConfiguration;
   gsuite: GSuiteConfiguration;
-  entra: EntraIdConfiguration;
+  azure: AzureConfiguration;
-  // Azure Active Directory was renamed to Entra ID, but we've kept the old account property name
-  // to be backwards compatible with existing configurations.
-  azure: EntraIdConfiguration;
   okta: OktaConfiguration;
   oneLogin: OneLoginConfiguration;
 }

src/models/azureConfiguration.ts

@@ -1,6 +1,6 @@
 import { IConfiguration } from "./IConfiguration";
 
-export class EntraIdConfiguration implements IConfiguration {
+export class AzureConfiguration implements IConfiguration {
   identityAuthority: string;
   tenant: string;
   applicationId: string;

src/program.ts

@@ -190,7 +190,7 @@ export class Program extends BaseProgram {
         writeLn("    server - On-premise hosted installation URL.");
         writeLn("    directory - The type of directory to use.");
         writeLn("    ldap.password - The password for connection to this LDAP server.");
-        writeLn("    entra.key - The Entra Id secret key.");
+        writeLn("    azure.key - The Azure AD secret key.");
         writeLn("    gsuite.key - The G Suite private key.");
         writeLn("    okta.token - The Okta token.");
         writeLn("    onelogin.secret - The OneLogin client secret.");
@@ -202,7 +202,7 @@ export class Program extends BaseProgram {
         writeLn("    bwdc config directory 1");
         writeLn("    bwdc config ldap.password <password>");
         writeLn("    bwdc config ldap.password --secretenv LDAP_PWD");
-        writeLn("    bwdc config entra.key <key>");
+        writeLn("    bwdc config azure.key <key>");
         writeLn("    bwdc config gsuite.key <key>");
         writeLn("    bwdc config okta.token <token>");
         writeLn("    bwdc config onelogin.secret <secret>");

src/services/azure-directory.service.ts

@@ -9,7 +9,7 @@ import { LogService } from "@/jslib/common/src/abstractions/log.service";
 
 import { StateService } from "../abstractions/state.service";
 import { DirectoryType } from "../enums/directoryType";
-import { EntraIdConfiguration } from "../models/entraIdConfiguration";
+import { AzureConfiguration } from "../models/azureConfiguration";
 import { GroupEntry } from "../models/groupEntry";
 import { SyncConfiguration } from "../models/syncConfiguration";
 import { UserEntry } from "../models/userEntry";
@@ -17,10 +17,10 @@ import { UserEntry } from "../models/userEntry";
 import { BaseDirectoryService } from "./baseDirectory.service";
 import { IDirectoryService } from "./directory.service";
 
-const EntraIdPublicIdentityAuthority = "login.microsoftonline.com";
+const AzurePublicIdentityAuhtority = "login.microsoftonline.com";
-const EntraIdPublicGraphEndpoint = "https://graph.microsoft.com";
+const AzurePublicGraphEndpoint = "https://graph.microsoft.com";
-const EntraIdGovernmentIdentityAuthority = "login.microsoftonline.us";
+const AzureGovermentIdentityAuhtority = "login.microsoftonline.us";
-const EntraIdGovernmentGraphEndpoint = "https://graph.microsoft.us";
+const AzureGovernmentGraphEndpoint = "https://graph.microsoft.us";
 
 const NextLink = "@odata.nextLink";
 const DeltaLink = "@odata.deltaLink";
@@ -34,9 +34,9 @@ enum UserSetType {
   ExcludeGroup,
 }
 
-export class EntraIdDirectoryService extends BaseDirectoryService implements IDirectoryService {
+export class AzureDirectoryService extends BaseDirectoryService implements IDirectoryService {
   private client: graph.Client;
-  private dirConfig: EntraIdConfiguration;
+  private dirConfig: AzureConfiguration;
   private syncConfig: SyncConfiguration;
   private accessToken: string;
   private accessTokenExpiration: Date;
@@ -52,12 +52,12 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
 
   async getEntries(force: boolean, test: boolean): Promise<[GroupEntry[], UserEntry[]]> {
     const type = await this.stateService.getDirectoryType();
-    if (type !== DirectoryType.EntraID) {
+    if (type !== DirectoryType.AzureActiveDirectory) {
       return;
     }
 
-    this.dirConfig = await this.stateService.getDirectory<EntraIdConfiguration>(
+    this.dirConfig = await this.stateService.getDirectory<AzureConfiguration>(
-      DirectoryType.EntraID,
+      DirectoryType.AzureActiveDirectory,
     );
     if (this.dirConfig == null) {
       return;
@@ -459,10 +459,10 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
         const identityAuthority =
           this.dirConfig.identityAuthority != null
             ? this.dirConfig.identityAuthority
-            : EntraIdPublicIdentityAuthority;
+            : AzurePublicIdentityAuhtority;
         if (
-          identityAuthority !== EntraIdPublicIdentityAuthority &&
+          identityAuthority !== AzurePublicIdentityAuhtority &&
-          identityAuthority !== EntraIdGovernmentIdentityAuthority
+          identityAuthority !== AzureGovermentIdentityAuhtority
         ) {
           done(new Error(this.i18nService.t("dirConfigIncomplete")), null);
           return;
@@ -546,8 +546,8 @@ export class EntraIdDirectoryService extends BaseDirectoryService implements IDi
   }
 
   private getGraphApiEndpoint(): string {
-    return this.dirConfig.identityAuthority === EntraIdGovernmentIdentityAuthority
+    return this.dirConfig.identityAuthority === AzureGovermentIdentityAuhtority
-      ? EntraIdGovernmentGraphEndpoint
+      ? AzureGovernmentGraphEndpoint
-      : EntraIdPublicGraphEndpoint;
+      : AzurePublicGraphEndpoint;
   }
 }

src/services/directory-factory.service.ts

@@ -5,7 +5,7 @@ import { DirectoryFactoryService } from "../abstractions/directory-factory.servi
 import { StateService } from "../abstractions/state.service";
 import { DirectoryType } from "../enums/directoryType";
 
-import { EntraIdDirectoryService } from "./entra-id-directory.service";
+import { AzureDirectoryService } from "./azure-directory.service";
 import { GSuiteDirectoryService } from "./gsuite-directory.service";
 import { LdapDirectoryService } from "./ldap-directory.service";
 import { OktaDirectoryService } from "./okta-directory.service";
@@ -22,8 +22,8 @@ export class DefaultDirectoryFactoryService implements DirectoryFactoryService {
     switch (directoryType) {
       case DirectoryType.GSuite:
         return new GSuiteDirectoryService(this.logService, this.i18nService, this.stateService);
-      case DirectoryType.EntraID:
+      case DirectoryType.AzureActiveDirectory:
-        return new EntraIdDirectoryService(this.logService, this.i18nService, this.stateService);
+        return new AzureDirectoryService(this.logService, this.i18nService, this.stateService);
       case DirectoryType.Ldap:
         return new LdapDirectoryService(this.logService, this.i18nService, this.stateService);
       case DirectoryType.Okta:

src/services/state.service.ts

@@ -11,7 +11,7 @@ import { StateService as StateServiceAbstraction } from "@/src/abstractions/stat
 import { DirectoryType } from "@/src/enums/directoryType";
 import { IConfiguration } from "@/src/models/IConfiguration";
 import { Account } from "@/src/models/account";
-import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
+import { AzureConfiguration } from "@/src/models/azureConfiguration";
 import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
 import { LdapConfiguration } from "@/src/models/ldapConfiguration";
 import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -21,10 +21,7 @@ import { SyncConfiguration } from "@/src/models/syncConfiguration";
 const SecureStorageKeys = {
   ldap: "ldapPassword",
   gsuite: "gsuitePrivateKey",
-  // Azure Active Directory was renamed to Entra ID, but we've kept the old property name
-  // to be backwards compatible with existing configurations.
   azure: "azureKey",
-  entra: "entraKey",
   okta: "oktaToken",
   oneLogin: "oneLoginClientSecret",
   userDelta: "userDeltaToken",
@@ -71,8 +68,8 @@ export class StateService
         case DirectoryType.Ldap:
           (configWithSecrets as any).password = await this.getLdapKey();
           break;
-        case DirectoryType.EntraID:
+        case DirectoryType.AzureActiveDirectory:
-          (configWithSecrets as any).key = await this.getEntraKey();
+          (configWithSecrets as any).key = await this.getAzureKey();
           break;
         case DirectoryType.Okta:
           (configWithSecrets as any).token = await this.getOktaKey();
@@ -96,7 +93,7 @@ export class StateService
     config:
       | LdapConfiguration
       | GSuiteConfiguration
-      | EntraIdConfiguration
+      | AzureConfiguration
       | OktaConfiguration
       | OneLoginConfiguration,
   ): Promise<any> {
@@ -109,11 +106,11 @@ export class StateService
           await this.setLdapConfiguration(ldapConfig);
           break;
         }
-        case DirectoryType.EntraID: {
+        case DirectoryType.AzureActiveDirectory: {
-          const entraConfig = config as EntraIdConfiguration;
+          const azureConfig = config as AzureConfiguration;
-          await this.setEntraKey(entraConfig.key);
+          await this.setAzureKey(azureConfig.key);
-          entraConfig.key = StoredSecurely;
+          azureConfig.key = StoredSecurely;
-          await this.setEntraConfiguration(entraConfig);
+          await this.setAzureConfiguration(azureConfig);
           break;
         }
         case DirectoryType.Okta: {
@@ -190,32 +187,23 @@ export class StateService
     );
   }
 
-  private async getEntraKey(options?: StorageOptions): Promise<string> {
+  private async getAzureKey(options?: StorageOptions): Promise<string> {
     options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
     if (options?.userId == null) {
       return null;
     }
-
-    const entraKey = await this.secureStorageService.get<string>(
-      `${options.userId}_${SecureStorageKeys.entra}`,
-    );
-
-    if (entraKey != null) {
-      return entraKey;
-    }
-
     return await this.secureStorageService.get<string>(
       `${options.userId}_${SecureStorageKeys.azure}`,
     );
   }
 
-  private async setEntraKey(value: string, options?: StorageOptions): Promise<void> {
+  private async setAzureKey(value: string, options?: StorageOptions): Promise<void> {
     options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
     if (options?.userId == null) {
       return;
     }
     await this.secureStorageService.save(
-      `${options.userId}_${SecureStorageKeys.entra}`,
+      `${options.userId}_${SecureStorageKeys.azure}`,
       value,
       options,
     );
@@ -271,8 +259,8 @@ export class StateService
         return await this.getLdapConfiguration();
       case DirectoryType.GSuite:
         return await this.getGsuiteConfiguration();
-      case DirectoryType.EntraID:
+      case DirectoryType.AzureActiveDirectory:
-        return await this.getEntraConfiguration();
+        return await this.getAzureConfiguration();
       case DirectoryType.Okta:
         return await this.getOktaConfiguration();
       case DirectoryType.OneLogin:
@@ -317,28 +305,17 @@ export class StateService
     );
   }
 
-  async getEntraConfiguration(options?: StorageOptions): Promise<EntraIdConfiguration> {
+  async getAzureConfiguration(options?: StorageOptions): Promise<AzureConfiguration> {
-    const entraConfig = (
-      await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))
-    )?.directoryConfigurations?.entra;
-
-    if (entraConfig != null) {
-      return entraConfig;
-    }
-
     return (
       await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))
     )?.directoryConfigurations?.azure;
   }
 
-  async setEntraConfiguration(
+  async setAzureConfiguration(value: AzureConfiguration, options?: StorageOptions): Promise<void> {
-    value: EntraIdConfiguration,
-    options?: StorageOptions,
-  ): Promise<void> {
     const account = await this.getAccount(
       this.reconcileOptions(options, await this.defaultOnDiskOptions()),
     );
-    account.directoryConfigurations.entra = value;
+    account.directoryConfigurations.azure = value;
     await this.saveAccount(
       account,
       this.reconcileOptions(options, await this.defaultOnDiskOptions()),

src/services/stateMigration.service.ts

@@ -3,7 +3,7 @@ import { StateMigrationService as BaseStateMigrationService } from "@/jslib/comm
 
 import { DirectoryType } from "@/src/enums/directoryType";
 import { Account, DirectoryConfigurations, DirectorySettings } from "@/src/models/account";
-import { EntraIdConfiguration } from "@/src/models/entraIdConfiguration";
+import { AzureConfiguration } from "@/src/models/azureConfiguration";
 import { GSuiteConfiguration } from "@/src/models/gsuiteConfiguration";
 import { LdapConfiguration } from "@/src/models/ldapConfiguration";
 import { OktaConfiguration } from "@/src/models/oktaConfiguration";
@@ -14,7 +14,6 @@ const SecureStorageKeys: { [key: string]: any } = {
   ldap: "ldapPassword",
   gsuite: "gsuitePrivateKey",
   azure: "azureKey",
-  entra: "entraIdKey",
   okta: "oktaToken",
   oneLogin: "oneLoginClientSecret",
   directoryConfigPrefix: "directoryConfig_",
@@ -105,16 +104,13 @@ export class StateMigrationService extends BaseStateMigrationService {
       }
     };
 
-    // Initialize typed objects from key/value pairs in storage to either be saved temporarily until an account is authed or applied to the active account
+    // Initilize typed objects from key/value pairs in storage to either be saved temporarily until an account is authed or applied to the active account
     const getDirectoryConfig = async <T>(type: DirectoryType) =>
       await this.get<T>(SecureStorageKeys.directoryConfigPrefix + type);
     const directoryConfigs: DirectoryConfigurations = {
       ldap: await getDirectoryConfig<LdapConfiguration>(DirectoryType.Ldap),
       gsuite: await getDirectoryConfig<GSuiteConfiguration>(DirectoryType.GSuite),
-      // Azure Active Directory was renamed to Entra ID, but we've kept the old property name
+      azure: await getDirectoryConfig<AzureConfiguration>(DirectoryType.AzureActiveDirectory),
-      // to be backwards compatible with existing configurations.
-      azure: await getDirectoryConfig<EntraIdConfiguration>(DirectoryType.EntraID),
-      entra: await getDirectoryConfig<EntraIdConfiguration>(DirectoryType.EntraID),
       okta: await getDirectoryConfig<OktaConfiguration>(DirectoryType.Okta),
       oneLogin: await getDirectoryConfig<OneLoginConfiguration>(DirectoryType.OneLogin),
     };