906e2ca0dd
* initial commit
* adding quotes for the array error
* Create Gemfile
* Create Gemfile.lock
* add .nvmrc and .node-version
* removed /article from URL
* update links to work with netlify
* more fixed links
* link fixes
* update bad links
* Update netlify.toml
toml test for redirects
* article redirect
* link fixes
* Update index.html
* Update netlify.toml
* Update _config.yml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* add article back into URL for launch
* Update netlify.toml
* Update netlify.toml
* add order to categories front matter
* Update netlify.toml
* update
* sidemenu update
* Revert "sidemenu update"
This reverts commit 5441c3d35c.
* update order prop
* Navbar updates per Gary and compiler warnings
* font/style tweaks
* Update sidebar.html
* Stage Release Documentation (#739)
* initial drafts
* rewrite Custom Fields article to prioritize new context-menu option & better organize ancillary information
* edit
* edit
* Custom Field Context Menu & CAPTCHA item in release notes
* SSO relink event
* update rn
* small edits
* improve release notes titles
* fix side menu
* Edits courtest of mportune!
* update order
* link fixes
* link cleanup
* image updates and a link
* fix trailing slash
Co-authored-by: DanHillesheim <79476558+DanHillesheim@users.noreply.github.com>
4.9 KiB
layout, title, categories, featured, popular, hidden, tags, order
| layout | title | categories | featured | popular | hidden | tags | order | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| article | Login with SSO FAQs |
|
true | false | false |
|
07 |
This article contains Frequently Asked Questions (FAQs) regarding Login with SSO.
For more high-level information about Login with SSO, refer to the following articles:
Using Login with SSO
Q: Will changing my SSO password affect my Bitwarden Master Password?
A: No. Your Master Password will remain the same and will still be used to decrypt your Vault data.
Q: Does SSO authentication replace my Master Password and Email?
A: No. Login with SSO leverages your existing Identity Provider (IdP) to authenticate you into Bitwarden, however your Master Password and Email must still be entered in order to decrypt your Vault data.
Q: Can I still log in with my Master Password if my Organization has SSO enabled?
A: By default, yes, you can use your email address and Master Password to login to Bitwarden. However, if your Organization enables both the Single Organization and Single Sign-On Authentication policies, all non-administrator users will be required to login with SSO.
Q: How does Login with SSO work for new users ("just-in-time")?
A: New users who log into their Organization using Login with SSO will be placed in the Accepted status of their Organization until they are confirmed by an administrator. When that user is assigned to a Group manually or via the Bitwarden Directory Connector, they will receive access to the appropriate shared items.
Q: Do I still need to use Bitwarden Directory Connector?
A: If you manage your Bitwarden Group and Collection assignments directly within Bitwarden, there is no need to leverage the Directory Connector. However, if you would like to have Groups and users automatically synchronized with your organizations directory, we recommend using Login with SSO in conjunction with Directory Connector for the most complete solution.
Q: Do I need to enter my Organization Identifier every time I login?
A: Nope! Bookmarking the Enterprise Single Sign-On page with your Organization Identifier included as a query string will save you the trouble of entering it each time. For example:
https://vault.bitwarden.com/#/sso?identifier=your-org-idfor Cloud-hosted instanceshttps://your.domain.com/#/sso?identifier=your-org-idfor Self-hosted instances
Security
Q: How does Login with SSO work with the zero-knowledge model?
A: Bitwarden Login with SSO only performs user authentication and does not decrypt user data. Adding SSO functionality does not introduce any further individually identifiable information into the Bitwarden database.
Billing
Q: What plans offer Login with SSO?
A: Only our current Enterprise Plan offers this feature. For more information, see here.
Q: How do I upgrade my plan so that I can use Login with SSO?
A: Contact Us and select Upgrade/Change Plan from the Subject dropdown menu. We highly recommend you test Login with SSO by starting a 7 Day Enterprise Free Trial.
Q: I would like to test Login with SSO. If I decide I don't need it, can I revert to my Classic 2019 plan?
A: Unfortunately, we aren't able to revert you back to a Classic 2019 plan once you've upgraded. We recommend creating a new Organization to start a 7 Day Enterprise Free Trial to test Login with SSO outside of your Primary Organization.
Supportability
Q: Does Bitwarden support OAuth 2.0?
A: Bitwarden supports OpenID Connect, but does not support OAuth at this time.
Q: Will Login with SSO work with a self-hosted instance of Bitwarden?
A: Yes! Login with SSO will work with self-hosted instances regardless of whether they are on-premises or in your own cloud, as long as your Identity Server is reachable from the instance.
Q: Does Login with SSO work across hybrid cloud environments?
A: Yes! Login with SSO only requires the ability to connect to your Identity Provider from your instance of Bitwarden. It can be used with Cloud or on-premises Identity providers, as well as Cloud or self-hosted Bitwarden instances.
Q: If my Identity Provider is offline, can users user Login with SSO to authenticate into Bitwarden?
A: If your Identity Provider is offline, users must log in using their email and Master Password. This may change in the future as we enable further authentication control mechanisms for Organizations.