bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2026-01-04 01:23:29 +00:00
Code Issues Releases Wiki Activity
Files
d4efd98c1557952542df1e2590d5c8e79df6947f
help/_articles/login-with-sso/about-sso.md
fred_the_tech_writer d4efd98c15 10-21 (#775) 
* policies

* auto-scaling seats

* pw reset

* custom role collections permissions

* automatic biometric prompt

* web vault dark mode

* custom field autofill article & section on <span>s

* cli passphrase options

* bye bye, business portal

* release notes

* merge latest from master

* fix typo

* redo timeout article

* export policy - owner/admin exemption

* biometric fix

* sso faq item
2021-10-27 07:56:36 -04:00

3.1 KiB
Raw Blame History

layout, title, categories, featured, popular, tags, order, redirect_from
layout title categories featured popular tags order redirect_from
article About Login with SSO
login-with-sso
true true
saml
saml2.0
single sign-on
sso
oidc
openid
openid connect
idp
identity provider
01
/article/getting-started-with-sso/

What is Login with SSO?

Login with SSO separates user authentication from Vault decryption by leveraging your existing Identity Provider (IdP) to authenticate users into their Bitwarden Vault and using Master Passwords for decryption of Vault data.

Login with SSO currently supports SAML 2.0 and OpenID Connect authentication for customers on the current Enterprise Plan.

Users of Bitwarden authenticate into their vaults using the Enterprise Single Sign-On button located on the login screen of any Bitwarden client application. For more information, see Using Login with SSO.

Administrators can configure Login with SSO from the Organization Manage screen.

{% image sso/sso-button-lg.png Enterprise Single Sign-On button %}

Requiring SSO for Users

Using the Single Sign-On Authentication policy, Enterprise Organizations can require non-Owner/non-Admin users to log in to Bitwarden with Enterprise Single Sign-On. For more information about setting up this policy, see Policies.

Enterprise Free Trial

Login with SSO is available for all customers on the current Enterprise plan (for more information, see About Bitwarden Plans. If you're new to Bitwarden, we'd love to help you through the process of setting up an account and starting your 7 Day Free Trial Enterprise Organization with our dedicated signup page:

Start your Enterprise Free Trial

If you're an experienced Bitwarden user, refer to the this article for help. If you're self-hosting Bitwarden, you will need to generate a new license file after starting your 7 Day Free Trial. We recommend using a separate Bitwarden instance for testing Login with SSO. For more information, see Licensing Paid Features.

Requirements

Login with SSO has the following requirements:

Identity Server Requirements

Your Identity Provider must support one of the following:

  • SAML 2.0
  • OpenID Connect (OIDC)

Client Application Requirements

Your Bitwarden client applications require the following versions:

  • Desktop Application: v1.2+
  • Browser Extension: v1.46+
  • Mobile App (Android or iOS): v2.6+
  • CLI: v1.12+ (Must run on systems with an available web browser)

Self-Hosting Requirements

If you are self-hosting Bitwarden, your installation must be on v1.37+.

For information on updating your self-hosted instance, see Updating your Self-Hosted Installation.

Workflow Diagram

The following diagram is an overview of the workflow used by Bitwarden to authenticate using SSO:

{%image /sso/sso-workflow.png Bitwarden SSO Workflow %}