manually resolving the duo_security package with https instead of ssh (#1053 )

New Crowdin updates (#1052 )
* New translations messages.json (Romanian) * New translations messages.json (Croatian) * New translations messages.json (Turkish) * New translations messages.json (Ukrainian) * New translations messages.json (Chinese Simplified) * New translations messages.json (Chinese Traditional) * New translations messages.json (Vietnamese) * New translations messages.json (Portuguese, Brazilian) * New translations messages.json (Indonesian) * New translations messages.json (Bengali) * New translations messages.json (Estonian) * New translations messages.json (Serbian (Cyrillic)) * New translations messages.json (Latvian) * New translations messages.json (English, United Kingdom) * New translations messages.json (Esperanto) * New translations messages.json (Malayalam) * New translations messages.json (Sinhala) * New translations messages.json (Kannada) * New translations messages.json (Norwegian Bokmal) * New translations messages.json (Serbian (Latin)) * New translations messages.json (Swedish) * New translations messages.json (Slovenian) * New translations messages.json (French) * New translations messages.json (Greek) * New translations messages.json (Spanish) * New translations messages.json (Afrikaans) * New translations messages.json (Belarusian) * New translations messages.json (Bulgarian) * New translations messages.json (Catalan) * New translations messages.json (Czech) * New translations messages.json (Danish) * New translations messages.json (German) * New translations messages.json (Finnish) * New translations messages.json (Slovak) * New translations messages.json (Hebrew) * New translations messages.json (Hungarian) * New translations messages.json (Italian) * New translations messages.json (Japanese) * New translations messages.json (Korean) * New translations messages.json (Dutch) * New translations messages.json (Polish) * New translations messages.json (Portuguese) * New translations messages.json (Russian) * New translations messages.json (English, India)
2025-12-06 00:03:28 +00:00 · 2021-06-29 20:24:14 -07:00 · 2021-06-29 15:40:50 -04:00 · 2021-06-28 12:38:48 -05:00 · 2021-06-22 15:44:56 -04:00 · 2021-06-21 19:17:46 -04:00
319 changed files with 99339 additions and 16520 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,4 +1,4 @@
-# EditorConfig is awesome: http://EditorConfig.org
+# EditorConfig is awesome: https://EditorConfig.org

 # top-most EditorConfig file
 root = true
@@ -13,3 +13,6 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 4
+
+[*.{ts}]
+quote_type = single
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,169 @@
+name: build
+
+on:
+  push:
+    branches-ignore:
+      - 'l10n_master'
+      - 'gh-pages'
+
+jobs:
+  cloc:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+
+      - name: Set up cloc
+        run: |
+          sudo apt update
+          sudo apt -y install cloc
+
+      - name: Print lines of code
+        run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
+
+  ubuntu:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '14'
+
+      - name: Update NPM
+        run: |
+          npm install -g npm@7
+
+      - name: Print environment
+        run: |
+          whoami
+          node --version
+          npm --version
+          gulp --version
+          docker --version
+          echo "GitHub ref: $GITHUB_REF"
+          echo "GitHub event: $GITHUB_EVENT"
+
+      - name: Login to Azure
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
+        with:
+          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+
+      - name: Retrieve secrets
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        id: retrieve-secrets
+        uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
+        with:
+          keyvault: "bitwarden-prod-kv"
+          secrets: "docker-password, 
+                    docker-username,
+                    dct-delegate-2-repo-passphrase,
+                    dct-delegate-2-key"
+
+      - name: Log into Docker
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+        env:
+          DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }}
+          DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }}
+
+      - name: Setup Docker Trust
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        run: |
+          mkdir -p ~/.docker/trust/private
+
+          echo "$DCT_DELEGATE_KEY" > ~/.docker/trust/private/$DCT_DELEGATION_KEY_ID.key
+        env:
+          DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
+          DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+
+      - name: Restore
+        run: dotnet tool restore
+
+      - name: Build
+        run: |
+          echo -e "# Building Web\n"
+          echo "Building app"
+          echo "npm version $(npm --version)"
+          npm install
+          npm run dist:selfhost
+
+          echo -e "\nBuilding Docker image"
+          docker --version
+          docker build -t bitwarden/web .
+
+      - name: Tag rc branch
+        if: github.ref == 'refs/heads/rc'
+        run: docker tag bitwarden/web bitwarden/web:rc
+
+      - name: Tag dev
+        if: github.ref == 'refs/heads/master'
+        run: docker tag bitwarden/web bitwarden/web:dev
+
+      - name: List Docker images
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        run: docker images
+
+      - name: Push rc images
+        if: github.ref == 'refs/heads/rc'
+        run: docker push bitwarden/web:rc
+        env: 
+          DOCKER_CONTENT_TRUST: 1
+          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
+
+      - name: Push dev images
+        if: github.ref == 'refs/heads/master'
+        run: docker push bitwarden/web:dev
+        env: 
+          DOCKER_CONTENT_TRUST: 1
+          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
+
+      - name: Log out of Docker
+        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
+        run: docker logout
+
+  windows:
+    runs-on: windows-latest
+    steps:
+      - name: Set up NuGet
+        uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1
+        with:
+          nuget-version: 'latest'
+
+      - name: Set up MSBuild
+        uses: microsoft/setup-msbuild@c26a08ba26249b81327e26f6ef381897b6a8754d
+
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '14'
+
+      - name: Update NPM
+        run: |
+          npm install -g npm@7
+
+      - name: Print environment
+        run: |
+          nuget help | grep Version
+          msbuild -version
+          dotnet --info
+          node --version
+          npm --version
+          echo "GitHub ref: $GITHUB_REF"
+          echo "GitHub event: $GITHUB_EVENT"
+        env:
+          GITHUB_REF: ${{ github.ref }}
+          GITHUB_EVENT: ${{ github.event_name }}
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+
+      - name: npm install
+        run: npm install
+
+      - name: npm build
+        run: npm run build:prod
+
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,70 @@
+name: Deploy
+
+on: 
+  workflow_dispatch:
+    inputs:
+      release_version:
+        description: "Release Tag Version <vX.X.X>"
+        required: true
+  release:
+    types:
+      - published
+
+
+jobs:
+  deploy:
+    name: Deploy Web Vault
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+        with:
+          ref: gh-pages
+
+      - name: Get release version
+        id: release-version
+        run: |
+          if [[ "${{ github.event_name }}" == "release" ]]; then
+              echo "::set-output name=version::${{ github.event.release.tag_name }}"
+          else
+              echo "::set-output name=version::${{ github.event.inputs.release_version }}"
+          fi
+
+      - name: Create deploy branch
+        run: |
+          git switch -c deploy-${{ steps.release-version.outputs.version }}
+          git push -u origin deploy-${{ steps.release-version.outputs.version }}
+
+      - name: Checkout Repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # v2.3.4
+        with:
+          ref: rc
+
+      - name: setup git config
+        run: |
+          git config user.name = "GitHub Action Bot"
+          git config user.email = "<>"
+
+      - name: Install and Build
+        run: |
+          npm install
+          npm run dist
+
+      - name: Deploy GitHub Pages
+        uses: crazy-max/ghaction-github-pages@db4476a01402e1a7ce05f41832040eef16d14925  # v2.5.0
+        with:
+          target_branch: deploy-${{ steps.release-version.outputs.version }}
+          build_dir: build
+          keep_history: true
+          commit_message: "Staging deploy ${{ steps.release-version.outputs.version }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create Deploy PR
+        run: |
+          gh pr create --title "Deploy $VERSION" --body "Deploying $VERSION" --base gh-pages --head "$PR_BRANCH"
+        env:
+          VERSION: ${{ steps.release-version.outputs.version }}
+          PR_BRANCH: deploy-${{ steps.release-version.outputs.version }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,157 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      release_tag_name_input:
+        description: "Release Tag Name <X.X.X>"
+        required: true
+
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    outputs:
+      release_upload_url: ${{ steps.create_release.outputs.upload_url }}
+      release_version: ${{ steps.create_tags.outputs.package_version }}
+      tag_version: ${{ steps.create_tags.outputs.tag_version }}
+    steps:
+      - name: Branch check
+        run: |
+          if [[ "$GITHUB_REF" != "refs/heads/rc" ]]; then
+            echo "==================================="
+            echo "[!] Can only release from rc branch"
+            echo "==================================="
+            exit 1
+          fi
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f  # 2.3.4
+
+      - name: Create Release Vars
+        id: create_tags
+        run: |
+          case "${RELEASE_TAG_NAME_INPUT:0:1}" in
+            v)
+              echo "RELEASE_NAME=${RELEASE_TAG_NAME_INPUT:1}" >> $GITHUB_ENV
+              echo "RELEASE_TAG_NAME=$RELEASE_TAG_NAME_INPUT" >> $GITHUB_ENV
+              echo "::set-output name=package_version::${RELEASE_TAG_NAME_INPUT:1}"
+              echo "::set-output name=tag_version::$RELEASE_TAG_NAME_INPUT"
+              ;;
+            [0-9])
+              echo "RELEASE_NAME=$RELEASE_TAG_NAME_INPUT" >> $GITHUB_ENV
+              echo "RELEASE_TAG_NAME=v$RELEASE_TAG_NAME_INPUT" >> $GITHUB_ENV
+              echo "::set-output name=package_version::$RELEASE_TAG_NAME_INPUT"
+              echo "::set-output name=tag_version::v$RELEASE_TAG_NAME_INPUT"
+              ;;
+            *)
+              exit 1
+              ;;
+          esac
+        env:
+          RELEASE_TAG_NAME_INPUT: ${{ github.event.inputs.release_tag_name_input }}
+
+      - name: Create Draft Release
+        id: create_release
+        uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e  # 1.1.4 - Repo Archived
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ env.RELEASE_TAG_NAME }}
+          release_name: Version ${{ env.RELEASE_NAME }}
+          draft: true
+          prerelease: false
+
+  ubuntu:
+    runs-on: ubuntu-latest
+    needs: setup
+    env:
+      RELEASE_VERSION: ${{ needs.setup.outputs.release_version }}
+    steps:
+      - name: Set up Node
+        uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
+        with:
+          node-version: '14'
+
+      - name: Update NPM
+        run: |
+          npm install -g npm@7
+
+      - name: Print environment
+        run: |
+          whoami
+          node --version
+          npm --version
+          gulp --version
+          docker --version
+          echo "GitHub ref: $GITHUB_REF"
+          echo "GitHub event: $GITHUB_EVENT"
+
+      - name: Login to Azure
+        uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
+        with:
+          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
+        with:
+          keyvault: "bitwarden-prod-kv"
+          secrets: "docker-password, 
+                    docker-username,
+                    dct-delegate-2-repo-passphrase,
+                    dct-delegate-2-key"
+
+      - name: Log into Docker
+        run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+        env:
+          DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }}
+          DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }}
+
+      - name: Setup Docker Trust
+        if: github.ref == 'refs/heads/master' || github.event_name == 'release' || github.ref == 'refs/heads/rc'
+        run: |
+          mkdir -p ~/.docker/trust/private
+
+          echo "$DCT_DELEGATE_KEY" > ~/.docker/trust/private/$DCT_DELEGATION_KEY_ID.key
+        env:
+          DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
+          DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}
+
+      - name: Checkout repo
+        uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+
+      - name: Restore
+        run: dotnet tool restore
+
+      - name: Build
+        run: |
+          echo -e "# Building Web\n"
+          echo "Building app"
+          echo "npm version $(npm --version)"
+          npm install
+          npm run dist:selfhost
+
+          echo -e "\nBuilding Docker image"
+          docker --version
+          docker build -t bitwarden/web .
+
+      - name: Tag version
+        run: docker tag bitwarden/web bitwarden/web:$RELEASE_VERSION
+
+      - name: List Docker images
+        run: docker images
+
+      - name: Push latest images
+        run: docker push bitwarden/web:latest
+        env: 
+          DOCKER_CONTENT_TRUST: 1
+          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
+
+      - name: Push version images
+        run: docker push bitwarden/web:$RELEASE_VERSION
+        env:
+          DOCKER_CONTENT_TRUST: 1
+          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
+
+      - name: Log out of Docker
+        run: docker logout
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ dist/
 *.zip
 build/
 !dev-server.shared.pem
+config/development.json
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,4 +1,32 @@
-Code contributions are welcome! Please commit any pull requests against the `master` branch.
+# How to Contribute
+
+Contributions of all kinds are welcome!
+
+Please visit our [Community Forums](https://community.bitwarden.com/) for general community discussion and the development roadmap.
+
+Here is how you can get involved:
+
+* **Request a new feature:** Go to the [Feature Requests category](https://community.bitwarden.com/c/feature-requests/) of the Community Forums. Please search existing feature requests before making a new one
+  
+* **Write code for a new feature:** Make a new post in the [Github Contributions category](https://community.bitwarden.com/c/github-contributions/) of the Community Forums. Include a description of your proposed contribution, screeshots, and links to any relevant feature requests. This helps get feedback from the community and Bitwarden team members before you start writing code
+  
+* **Report a bug or submit a bugfix:** Use Github issues and pull requests
+  
+* **Write documentation:** Submit a pull request to the [Bitwarden help repository](https://github.com/bitwarden/help)
+  
+* **Help other users:** Go to the [User-to-User Support category](https://community.bitwarden.com/c/support/) on the Community Forums
+  
+* **Translate:** See the localization (l10n) section below
+
+## Contributor Agreement
+
+Please sign the [Contributor Agreement](https://cla-assistant.io/bitwarden/web) if you intend on contributing to any Github repository. Pull requests cannot be accepted and merged unless the author has signed the Contributor Agreement.
+
+## Pull Request Guidelines
+
+* use `npm run lint` and fix any linting suggestions before submitting a pull request
+* commit any pull requests against the `master` branch
+* include a link to your Community Forums post

 # Localization (l10n)

--- a/README.md
+++ b/README.md
@@ -5,8 +5,8 @@
    The Bitwarden web project is an Angular application that powers the web vault (https://vault.bitwarden.com/).
 </p>
 <p align="center">
-  <a href="https://ci.appveyor.com/project/bitwarden/web/branch/master" target="_blank">
-    <img src="https://ci.appveyor.com/api/projects/status/github/bitwarden/web?branch=master&svg=true" alt="appveyor build" />
+  <a href="https://github.com/bitwarden/web/actions?query=branch:master" target="_blank">
+    <img src="https://github.com/bitwarden/web/actions/workflows/build.yml/badge.svg?branch=master" alt="Github Workflow build on master" />
  </a>
  <a href="https://crowdin.com/project/bitwarden-web" target="_blank">
    <img src="https://d322cqt584bo4o.cloudfront.net/bitwarden-web/localized.svg" alt="Crowdin" />
@@ -23,38 +23,48 @@

 ### Requirements

- [Node.js](https://nodejs.org) v8.11 or greater
+- [Node.js](https://nodejs.org) v14.17 or greater
+- NPM v7

 ### Run the app

+For local development, run the app with:
+
 ```
 npm install
 npm run build:watch
 ```

-You can now access the web vault in your browser at `https://localhost:8080`. You can adjust your API endpoint settings in `src/app/services/services.module.ts` by altering the `apiService.setUrls` call. For example:
+You can now access the web vault in your browser at `https://localhost:8080`.

-```typescript
-await apiService.setUrls({
-    base: isDev ? null : window.location.origin,
-    api: isDev ? 'http://mylocalapi' : null,
-    identity: isDev ? 'http://mylocalidentity' : null,
-});
+If you want to point the development web vault to the production APIs, you can run using:
+
+```
+npm install
+ENV=production npm run build:watch
 ```

-If you want to point the development web vault to the production APIs, you can set:
+You can also manually adjusting your API endpoint settings by adding `config/development.js` overriding any of the values in `config/base.json`. For example:

 ```typescript
-await apiService.setUrls({
-    base: null,
-    api: 'https://api.bitwarden.com',
-    identity: 'https://identity.bitwarden.com',
-});
+{
+    "proxyApi": "http://your-api-url",
+    "proxyIdentity": "http://your-identity-url",
+    "proxyEvents": "http://your-events-url",
+    "proxyNotifications": "http://your-notifications-url",
+    "proxyPortal": "http://your-portal-url",
+    "allowedHosts": ["hostnames-to-allow-in-webpack"]
+}
 ```

+To pick up the overrides in the newly created `config/development.js` file, run the app with:
+
+```
+npm run build:dev:watch
+```

 ## Contribute

-Code contributions are welcome! Please commit any pull requests against the `master` branch.
+Code contributions are welcome! Please commit any pull requests against the `master` branch. Learn more about how to contribute by reading the [`CONTRIBUTING.md`](CONTRIBUTING.md) file.

 Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the [`SECURITY.md`](SECURITY.md) file.
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,83 +0,0 @@
-image:
- Visual Studio 2017
- Ubuntu1804
-
-branches:
-  except:
-    - l10n_master
-    - gh-pages
-
-services:
- docker
-
-stack: node 10
-
-init:
- ps: |
-    if($isWindows) {
-      Install-Product node 10
-    }
-
-install:
- ps: |
-    $env:PACKAGE_VERSION = (Get-Content -Raw -Path .\package.json | ConvertFrom-Json).version
-    $env:PUSH_DOCKER = "false"
-    $env:PROD_DEPLOY = "false"
-    $env:TAG_NAME = ""
-    if($env:APPVEYOR_REPO_TAG -eq "true" -and $env:APPVEYOR_RE_BUILD -eq "True") {
-      $env:PROD_DEPLOY = "true"
-      $env:TAG_NAME = $env:APPVEYOR_REPO_TAG_NAME.TrimStart("v")
-      echo "This is a production deployment for ${env:TAG_NAME}."
-    }
-    if("${env:DOCKER_USERNAME}" -ne "" -and "${env:DOCKER_PASSWORD}" -ne "") {
-      $env:PUSH_DOCKER = "true"
-    }
-    if($isWindows) {
-      choco install cloc --no-progress
-      cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
-    }
-
-before_build:
- node --version
- npm --version
- sh: |
-    if [ "${PUSH_DOCKER}" == "true" ]
-    then
-      echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
-    fi
- cmd: set "GIT_PATH=C:\Program Files\Git\mingw64\libexec\git-core"
- cmd: set "PATH=%GIT_PATH%;%PATH%"
-
-build_script:
- sh: chmod +x ./build.sh
- ps: |
-    if($isLinux) {
-      ./build.sh
-      ./build.sh tag dev
-
-      if($env:PROD_DEPLOY -eq "true") {
-        ./build.sh tag beta
-        ./build.sh tag $env:TAG_NAME
-      }
-
-      docker images
-      
-      if($env:PUSH_DOCKER -eq "true") {
-        ./build.sh push dev
-
-        if($env:PROD_DEPLOY -eq "true") {
-          ./build.sh push beta
-          ./build.sh push latest
-          ./build.sh push $env:TAG_NAME
-        }
-      }
-    }
- cmd: npm install
- cmd: npm run build:prod
-
-after_build:
- sh: |
-    if [ "${PUSH_DOCKER}" == "true" ]
-    then
-      docker logout
-    fi
--- a/build.sh
+++ b/build.sh
@@ -1,33 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-
-echo ""
-
-if [ $# -gt 1 -a "$1" == "push" ]
-then
-    TAG=$2
-    echo "# Pushing Web ($TAG)"
-    echo ""
-    docker push bitwarden/web:$TAG
-elif [ $# -gt 1 -a "$1" == "tag" ]
-then
-    TAG=$2
-    echo "Tagging Web as '$TAG'"
-    docker tag bitwarden/web bitwarden/web:$TAG
-else
-    echo "# Building Web"
-
-    echo ""
-    echo "Building app"
-    echo "npm version $(npm --version)"
-    npm install
-    npm run sub:update
-    npm run dist:selfhost
-
-    echo ""
-    echo "Building docker image"
-    docker --version
-    docker build -t bitwarden/web $DIR/.
-fi
--- a/config.js
+++ b/config.js
@@ -0,0 +1,29 @@
+function load(envName) {
+    const envOverrides = {
+        'production': () => require('./config/production.json'),
+        'qa': () => require('./config/qa.json'),
+        'development': () => require('./config/development.json'),
+    };
+
+    const baseConfig = require('./config/base.json');
+    const overrideConfig = envOverrides.hasOwnProperty(envName) ? envOverrides[envName]() : {};
+
+    return {
+        ...baseConfig,
+        ...overrideConfig
+    };
+}
+
+function log(configObj) {
+    const repeatNum = 50
+    console.log(`${"=".repeat(repeatNum)}\nenvConfig`)
+    Object.entries(configObj).map(([key, value]) => {
+        console.log(`  ${key}: ${value}`)
+    })
+    console.log(`${"=".repeat(repeatNum)}`)
+}
+
+module.exports = {
+    load,
+    log
+};
--- a/config/base.json
+++ b/config/base.json
@@ -0,0 +1,8 @@
+{
+    "proxyApi": "http://localhost:4000",
+    "proxyIdentity": "http://localhost:33656",
+    "proxyEvents": "http://localhost:46273",
+    "proxyNotifications": "http://localhost:61840",
+    "proxyPortal": "http://localhost:52313",
+    "allowedHosts": []
+}
--- a/config/production.json
+++ b/config/production.json
@@ -0,0 +1,7 @@
+{
+    "proxyApi": "https://api.bitwarden.com",
+    "proxyIdentity": "https://identity.bitwarden.com",
+    "proxyEvents": "https://events.bitwarden.com",
+    "proxyNotifications": "https://notifications.bitwarden.com",
+    "proxyPortal": "https://portal.bitwarden.com"
+}
--- a/config/qa.json
+++ b/config/qa.json
@@ -0,0 +1,7 @@
+{
+    "proxyApi": "https://api.qa.bitwarden.com",
+    "proxyIdentity": "https://identity.qa.bitwarden.com",
+    "proxyEvents": "https://events.qa.bitwarden.com",
+    "proxyNotifications": "https://notifications.qa.bitwarden.com",
+    "proxyPortal": "https://portal.qa.bitwarden.com"
+}
--- a/crowdin.yml
+++ b/crowdin.yml
@@ -9,3 +9,4 @@ files:
        zh-CN: zh_CN
        zh-TW: zh_TW
        en-GB: en_GB
+        en-IN: en_IN
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -31,6 +31,7 @@ mkhomedir_helper $USERNAME

 chown -R $USERNAME:$GROUPNAME /etc/bitwarden
 cp /etc/bitwarden/web/app-id.json /app/app-id.json
+cp /etc/bitwarden/web/assetlinks.json /app/assetlinks.json
 chown -R $USERNAME:$GROUPNAME /app
 chown -R $USERNAME:$GROUPNAME /bitwarden_server

--- a/2
+++ b/2
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,101 +1,89 @@
 {
  "name": "bitwarden-web",
-  "version": "2.15.1",
+  "version": "2.21.0",
  "license": "GPL-3.0",
  "repository": "https://github.com/bitwarden/web",
  "scripts": {
    "sub:init": "git submodule update --init --recursive",
    "sub:update": "git submodule update --remote",
    "sub:pull": "git submodule foreach git pull origin master",
-    "postinstall": "npm run sub:init",
+    "preinstall": "npm run sub:init",
    "symlink:win": "rm -rf ./jslib && cmd /c mklink /J .\\jslib ..\\jslib",
    "symlink:mac": "npm run symlink:lin",
    "symlink:lin": "rm -rf ./jslib && ln -s ../jslib ./jslib",
    "build": "gulp prebuild && webpack",
-    "build:watch": "gulp prebuild && webpack-dev-server",
-    "build:prod": "gulp prebuild && cross-env NODE_ENV=production webpack",
-    "build:prod:watch": "gulp prebuild && cross-env NODE_ENV=production webpack-dev-server",
-    "build:selfhost": "gulp prebuild && cross-env SELF_HOST=true webpack-dev-server",
-    "build:selfhost:watch": "gulp prebuild && cross-env SELF_HOST=true webpack-dev-server",
+    "build:watch": "gulp prebuild && webpack serve",
+    "build:dev": "gulp prebuild && cross-env ENV=development webpack",
+    "build:dev:watch": "gulp prebuild && cross-env ENV=development webpack serve",
+    "build:qa": "gulp prebuild && cross-env NODE_ENV=production ENV=qa webpack",
+    "build:qa:watch": "gulp prebuild && cross-env NODE_ENV=production ENV=qa webpack serve",
+    "build:prod": "gulp prebuild && cross-env NODE_ENV=production ENV=production webpack",
+    "build:prod:watch": "gulp prebuild && cross-env NODE_ENV=production ENV=production webpack serve",
+    "build:selfhost": "gulp prebuild && cross-env SELF_HOST=true webpack serve",
+    "build:selfhost:watch": "gulp prebuild && cross-env SELF_HOST=true webpack serve",
    "build:selfhost:prod": "gulp prebuild && cross-env SELF_HOST=true NODE_ENV=production webpack",
-    "build:selfhost:prod:watch": "gulp prebuild && cross-env SELF_HOST=true NODE_ENV=production webpack-dev-server",
+    "build:selfhost:prod:watch": "gulp prebuild && cross-env SELF_HOST=true NODE_ENV=production webpack serve",
    "clean:l10n": "git push origin --delete l10n_master",
    "dist": "npm run build:prod && gulp postdist",
    "dist:selfhost": "npm run build:selfhost:prod && gulp postdist",
    "deploy": "npm run dist && gh-pages -d build",
    "deploy:dev": "npm run dist && gh-pages -d build -r git@github.com:kspearrin/bitwarden-web-dev.git",
-    "lint": "tslint src/**/*.ts || true",
-    "lint:fix": "tslint src/**/*.ts --fix"
+    "lint": "tslint 'src/**/*.ts' || true",
+    "lint:fix": "tslint 'src/**/*.ts' --fix"
  },
  "devDependencies": {
-    "@angular/compiler-cli": "^7.2.11",
-    "@ngtools/webpack": "^7.2.2",
-    "@types/jquery": "^3.3.6",
-    "@types/lunr": "^2.3.3",
-    "@types/node-forge": "^0.7.5",
-    "@types/papaparse": "^4.5.3",
+    "@angular/compiler-cli": "^11.2.11",
+    "@ngtools/webpack": "^11.2.10",
+    "@types/duo_web_sdk": "^2.7.0",
+    "@types/jquery": "^3.5.5",
+    "@types/node": "^14.17.2",
    "@types/webcrypto": "^0.0.28",
-    "@types/webpack": "^4.4.11",
-    "@types/zxcvbn": "^4.4.0",
-    "angular2-template-loader": "^0.6.2",
-    "clean-webpack-plugin": "^0.1.19",
-    "copy-webpack-plugin": "^4.5.2",
-    "cross-env": "^5.2.0",
-    "css-loader": "^1.0.0",
-    "del": "^3.0.0",
-    "mini-css-extract-plugin": "^0.9.0",
-    "file-loader": "^2.0.0",
-    "gh-pages": "^1.2.0",
-    "gulp": "^4.0.0",
-    "gulp-google-webfonts": "^2.0.0",
-    "html-loader": "^0.5.5",
-    "html-webpack-plugin": "^3.2.0",
-    "node-sass": "^4.13.1",
-    "sass-loader": "^7.1.0",
-    "style-loader": "^0.23.0",
-    "terser-webpack-plugin": "^1.2.3",
-    "ts-loader": "^5.3.3",
-    "tslint": "^5.12.1",
+    "@types/webpack": "^4.4.27",
+    "clean-webpack-plugin": "^3.0.0",
+    "copy-webpack-plugin": "^6.4.0",
+    "cross-env": "^7.0.3",
+    "css-loader": "^5.2.3",
+    "del": "^6.0.0",
+    "file-loader": "^6.2.0",
+    "gh-pages": "^3.1.0",
+    "gulp": "^4.0.2",
+    "gulp-google-webfonts": "^4.0.0",
+    "html-loader": "^1.3.2",
+    "html-webpack-plugin": "^4.5.1",
+    "mini-css-extract-plugin": "^1.5.0",
+    "sass": "^1.32.10",
+    "sass-loader": "^10.1.1",
+    "style-loader": "^2.0.0",
+    "tapable": "^1.1.3",
+    "terser-webpack-plugin": "^4.2.3",
+    "ts-loader": "^8.1.0",
+    "tslint": "^6.1.3",
    "tslint-loader": "^3.5.4",
-    "typescript": "3.2.4",
-    "webpack": "^4.29.0",
-    "webpack-cli": "^3.2.1",
-    "webpack-dev-server": "^3.1.14"
+    "typescript": "4.1.5",
+    "webpack": "^4.46.0",
+    "webpack-cli": "^4.6.0",
+    "webpack-dev-server": "^3.11.2"
  },
  "dependencies": {
-    "@angular/animations": "7.2.1",
-    "@angular/cdk": "7.2.1",
-    "@angular/common": "7.2.1",
-    "@angular/compiler": "7.2.1",
-    "@angular/core": "7.2.1",
-    "@angular/forms": "7.2.1",
-    "@angular/platform-browser": "7.2.1",
-    "@angular/platform-browser-dynamic": "7.2.1",
-    "@angular/router": "7.2.1",
-    "@angular/upgrade": "7.2.1",
-    "@microsoft/signalr": "3.1.0",
-    "@microsoft/signalr-protocol-msgpack": "3.1.0",
-    "angular2-toaster": "6.1.0",
-    "angulartics2": "6.3.0",
-    "big-integer": "1.6.36",
-    "bootstrap": "4.3.1",
-    "braintree-web-drop-in": "1.13.0",
-    "core-js": "2.6.2",
-    "duo_web_sdk": "git+https://github.com/duosecurity/duo_web_sdk.git",
+    "@bitwarden/jslib-angular": "file:jslib/angular",
+    "@bitwarden/jslib-common": "file:jslib/common",
+    "angular2-toaster": "11.0.1",
+    "bootstrap": "4.6.0",
+    "braintree-web-drop-in": "1.28.0",
+    "browser-hrtime": "^1.1.8",
+    "core-js": "^3.11.0",
+    "date-input-polyfill": "^2.14.0",
+    "duo_web_sdk": "git+https://github.com/duosecurity/duo_web_sdk.git#5f9a1a8598d2cda494c4f5ee0e38b31474abfee9",
    "font-awesome": "4.7.0",
-    "jquery": "3.4.1",
-    "lunr": "2.3.3",
-    "ngx-infinite-scroll": "7.0.1",
-    "node-forge": "0.7.6",
-    "papaparse": "4.6.0",
-    "popper.js": "1.14.4",
+    "jquery": "3.6.0",
+    "popper.js": "1.16.1",
    "qrious": "4.0.2",
-    "rxjs": "6.3.3",
-    "sweetalert2": "9.8.1",
-    "web-animations-js": "2.3.1",
-    "webcrypto-shim": "0.1.4",
-    "whatwg-fetch": "3.0.0",
-    "zone.js": "0.8.28",
-    "zxcvbn": "4.4.2"
+    "sweetalert2": "^10.16.6",
+    "webcrypto-shim": "0.1.7",
+    "whatwg-fetch": "3.6.2"
+  },
+  "engines": {
+    "node": "~14",
+    "npm": "~7"
  }
 }
--- a/src/404.html
+++ b/src/404.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="utf-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge">
+        <meta name="viewport" content="width=device-width, initial-scale=1">
+
+        <link href="/404/bootstrap.min.css" rel="stylesheet" type="text/css"
+            integrity="sha384-B0vP5xmATw1+K9KRQjQERJvTumQW0nPEzvF6L/Z6nronJ3oUOFUFpCjEUQouq2+l">
+        <link href="/404/font-awesome.min.css" rel="stylesheet" type="text/css"
+            integrity="sha512-SfTiTlX6kk+qitfevl/7LibUOeJWlt9rbyDn92a1DqWOw9vWG2MFoays0sgObmWazO5BQPiFucnnEAjpAB+/Sw==">
+        <link href="/404/styles.css" rel="stylesheet" type="text/css">
+
+        <link rel="apple-touch-icon" sizes="180x180" href="/images/icons/apple-touch-icon.png">
+        <link rel="icon" type="image/png" sizes="32x32" href="/images/icons/favicon-32x32.png">
+        <link rel="icon" type="image/png" sizes="16x16" href="/images/icons/favicon-16x16.png">
+        <link rel="mask-icon" href="/images/icons/safari-pinned-tab.svg" color="#175DDC">
+        <link rel="manifest" href="/manifest.json">
+
+        <title>Page not found!</title>
+        <meta name="description" content="404 Page Not Found">
+    </head>
+
+    <body>
+        <div class="banner">
+            <div class="container inner banner">
+                <div class="row align-items-center">
+                    <div class="col brand">
+                        <i class="fa fa-shield"></i>&nbsp;
+                        <strong>bit</strong>warden</span>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <div class="container inner content">
+            <h2>Page not found!</h2>
+            <p>Sorry, but the page you were looking for could not be found.</p>
+            <p>
+                <a href="/">
+                    <img src="/images/404.png" class="img-fluid" alt="404 image" width="80%"/>
+                </a>
+            </p>
+            <p>You can <a href="/">return to the web vault</a>, check our <a href="https://status.bitwarden.com/">status page</a>
+                or <a href="https://bitwarden.com/contact/">contact us</a>.</p>
+        </div>
+        <div class="container footer text-muted content">
+            © Copyright 2021 Bitwarden, Inc.
+        </div>
+    </body>
+</html>
--- a/src/404/bootstrap.min.css
+++ b/src/404/bootstrap.min.css
--- a/src/404/font-awesome.min.css
+++ b/src/404/font-awesome.min.css
--- a/src/404/styles.css
+++ b/src/404/styles.css
@@ -0,0 +1,119 @@
+@font-face {
+	font-family: 'Open Sans';
+	font-style: italic;
+	font-weight: 300;
+	src: url(../fonts/Open_Sans-italic-300.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: italic;
+	font-weight: 400;
+	src: url(../fonts/Open_Sans-italic-400.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: italic;
+	font-weight: 600;
+	src: url(../fonts/Open_Sans-italic-600.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: italic;
+	font-weight: 700;
+	src: url(../fonts/Open_Sans-italic-700.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: italic;
+	font-weight: 800;
+	src: url(../fonts/Open_Sans-italic-800.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: normal;
+	font-weight: 300;
+	src: url(../fonts/Open_Sans-normal-300.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: normal;
+	font-weight: 400;
+	src: url(../fonts/Open_Sans-normal-400.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: normal;
+	font-weight: 600;
+	src: url(../fonts/Open_Sans-normal-600.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: normal;
+	font-weight: 700;
+	src: url(../fonts/Open_Sans-normal-700.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+@font-face {
+	font-family: 'Open Sans';
+	font-style: normal;
+	font-weight: 800;
+	src: url(../fonts/Open_Sans-normal-800.woff) format('woff');
+	unicode-range: U+0-10FFFF;
+}
+
+body {
+    font-family: 'Open Sans';
+}
+
+html, body, .row {
+    height: 100%;
+    -webkit-font-smoothing: antialiased;
+}
+
+h2 {
+    font-size: 25px;
+    margin-bottom: 12.5px;
+    font-weight: 500;
+    line-height: 1.1;
+}
+
+.brand {
+  font-size: 23px;
+  line-height: 25px;
+  color: #fff;
+  font-family: "Open Sans","Helvetica Neue",Helvetica,Arial,sans-serif;
+}
+
+.banner {
+    background-color: #175DDC;
+    height: 56px;
+}
+
+.content {
+    padding-top: 20px;
+    padding-bottom: 20px;
+    padding-left: 15px;
+    padding-right: 15px;
+}
+
+.footer {
+    padding: 40px 0 40px 0;
+    border-top: 1px solid #dee2e6;
+}
--- a/src/app/accounts/accept-emergency.component.html
+++ b/src/app/accounts/accept-emergency.component.html
@@ -0,0 +1,34 @@
+<div class="mt-5 d-flex justify-content-center" *ngIf="loading">
+    <div>
+        <img src="../../images/logo-dark@2x.png" class="mb-4 logo" alt="Bitwarden">
+        <p class="text-center">
+            <i class="fa fa-spinner fa-spin fa-2x text-muted" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+            <span class="sr-only">{{'loading' | i18n}}</span>
+        </p>
+    </div>
+</div>
+<div class="container" *ngIf="!loading && !authed">
+    <div class="row justify-content-md-center mt-5">
+        <div class="col-5">
+            <p class="lead text-center mb-4">{{'emergencyAccess' | i18n}}</p>
+            <div class="card d-block">
+                <div class="card-body">
+                    <p class="text-center">
+                        {{name}}
+                    </p>
+                    <p>{{'acceptEmergencyAccess' | i18n}}</p>
+                    <hr>
+                    <div class="d-flex">
+                        <a routerLink="/" [queryParams]="{email: email}" class="btn btn-primary btn-block">
+                            {{'logIn' | i18n}}
+                        </a>
+                        <a routerLink="/register" [queryParams]="{email: email}"
+                            class="btn btn-primary btn-block ml-2 mt-0">
+                            {{'createAccount' | i18n}}
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
--- a/src/app/accounts/accept-emergency.component.ts
+++ b/src/app/accounts/accept-emergency.component.ts
@@ -0,0 +1,93 @@
+import {
+    Component,
+    OnInit,
+} from '@angular/core';
+import {
+    ActivatedRoute,
+    Router,
+} from '@angular/router';
+
+import {
+    Toast,
+    ToasterService,
+} from 'angular2-toaster';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { UserService } from 'jslib-common/abstractions/user.service';
+import { EmergencyAccessAcceptRequest } from 'jslib-common/models/request/emergencyAccessAcceptRequest';
+
+@Component({
+    selector: 'app-accept-emergency',
+    templateUrl: 'accept-emergency.component.html',
+})
+export class AcceptEmergencyComponent implements OnInit {
+    loading = true;
+    authed = false;
+    name: string;
+    email: string;
+    actionPromise: Promise<any>;
+
+    constructor(private router: Router, private toasterService: ToasterService,
+        private i18nService: I18nService, private route: ActivatedRoute,
+        private apiService: ApiService, private userService: UserService,
+        private stateService: StateService) { }
+
+    ngOnInit() {
+        let fired = false;
+        this.route.queryParams.subscribe(async qParams => {
+            if (fired) {
+                return;
+            }
+            fired = true;
+            await this.stateService.remove('emergencyInvitation');
+            let error = qParams.id == null || qParams.name == null || qParams.email == null || qParams.token == null;
+            let errorMessage: string = null;
+            if (!error) {
+                this.authed = await this.userService.isAuthenticated();
+                if (this.authed) {
+                    const request = new EmergencyAccessAcceptRequest();
+                    request.token = qParams.token;
+                    try {
+                        this.actionPromise = this.apiService.postEmergencyAccessAccept(qParams.id, request);
+                        await this.actionPromise;
+                        const toast: Toast = {
+                            type: 'success',
+                            title: this.i18nService.t('inviteAccepted'),
+                            body: this.i18nService.t('emergencyInviteAcceptedDesc'),
+                            timeout: 10000,
+                        };
+                        this.toasterService.popAsync(toast);
+                        this.router.navigate(['/vault']);
+                    } catch (e) {
+                        error = true;
+                        errorMessage = e.message;
+                    }
+                } else {
+                    await this.stateService.save('emergencyInvitation', qParams);
+                    this.email = qParams.email;
+                    this.name = qParams.name;
+                    if (this.name != null) {
+                        // Fix URL encoding of space issue with Angular
+                        this.name = this.name.replace(/\+/g, ' ');
+                    }
+                }
+            }
+
+            if (error) {
+                const toast: Toast = {
+                    type: 'error',
+                    title: null,
+                    body: errorMessage != null ? this.i18nService.t('emergencyInviteAcceptFailedShort', errorMessage) :
+                        this.i18nService.t('emergencyInviteAcceptFailed'),
+                    timeout: 10000,
+                };
+                this.toasterService.popAsync(toast);
+                this.router.navigate(['/']);
+            }
+
+            this.loading = false;
+        });
+    }
+}
--- a/src/app/accounts/accept-organization.component.ts
+++ b/src/app/accounts/accept-organization.component.ts
@@ -2,6 +2,7 @@ import {
    Component,
    OnInit,
 } from '@angular/core';
+
 import {
    ActivatedRoute,
    Router,
@@ -12,12 +13,18 @@ import {
    ToasterService,
 } from 'angular2-toaster';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { OrganizationUserAcceptRequest } from 'jslib/models/request/organizationUserAcceptRequest';
+import { OrganizationUserAcceptRequest } from 'jslib-common/models/request/organizationUserAcceptRequest';
+import { OrganizationUserResetPasswordEnrollmentRequest } from 'jslib-common/models/request/organizationUserResetPasswordEnrollmentRequest';
+
+import { Utils } from 'jslib-common/misc/utils';
+import { Policy } from 'jslib-common/models/domain/policy';

@Component({
    selector: 'app-accept-organization',
@@ -33,11 +40,12 @@ export class AcceptOrganizationComponent implements OnInit {
    constructor(private router: Router, private toasterService: ToasterService,
        private i18nService: I18nService, private route: ActivatedRoute,
        private apiService: ApiService, private userService: UserService,
-        private stateService: StateService) { }
+        private stateService: StateService, private cryptoService: CryptoService,
+        private policyService: PolicyService) { }

    ngOnInit() {
        let fired = false;
-        this.route.queryParams.subscribe(async (qParams) => {
+        this.route.queryParams.subscribe(async qParams => {
            if (fired) {
                return;
            }
@@ -51,8 +59,36 @@ export class AcceptOrganizationComponent implements OnInit {
                    const request = new OrganizationUserAcceptRequest();
                    request.token = qParams.token;
                    try {
-                        this.actionPromise = this.apiService.postOrganizationUserAccept(qParams.organizationId,
-                            qParams.organizationUserId, request);
+                        if (await this.performResetPasswordAutoEnroll(qParams)) {
+                            this.actionPromise = this.apiService.postOrganizationUserAccept(qParams.organizationId,
+                                qParams.organizationUserId, request).then(() => {
+                                    // Retrieve Public Key
+                                    return this.apiService.getOrganizationKeys(qParams.organizationId);
+                                }).then(async response => {
+                                    if (response == null) {
+                                        throw new Error(this.i18nService.t('resetPasswordOrgKeysError'));
+                                    }
+
+                                    const publicKey = Utils.fromB64ToArray(response.publicKey);
+
+                                    // RSA Encrypt user's encKey.key with organization public key
+                                    const encKey = await this.cryptoService.getEncKey();
+                                    const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer);
+
+                                    // Create request and execute enrollment
+                                    const resetRequest = new OrganizationUserResetPasswordEnrollmentRequest();
+                                    resetRequest.resetPasswordKey = encryptedKey.encryptedString;
+
+                                    // Get User Id
+                                    const userId = await this.userService.getUserId();
+
+                                    return this.apiService.putOrganizationUserResetPasswordEnrollment(qParams.organizationId, userId, resetRequest);
+                                });
+                        } else {
+                            this.actionPromise = this.apiService.postOrganizationUserAccept(qParams.organizationId,
+                                qParams.organizationUserId, request);
+                        }
+
                        await this.actionPromise;
                        const toast: Toast = {
                            type: 'success',
@@ -92,4 +128,21 @@ export class AcceptOrganizationComponent implements OnInit {
            this.loading = false;
        });
    }
+
+    private async performResetPasswordAutoEnroll(qParams: any): Promise<boolean> {
+        let policyList: Policy[] = null;
+        try {
+            const policies = await this.apiService.getPoliciesByToken(qParams.organizationId, qParams.token,
+                qParams.email, qParams.organizationUserId);
+            policyList = this.policyService.mapPoliciesFromToken(policies);
+        } catch { }
+
+        if (policyList != null) {
+            const result = this.policyService.getResetPasswordPolicyOptions(policyList, qParams.organizationId);
+            // Return true if policy enabled and auto-enroll enabled
+            return result[1] && result[0].autoEnrollEnabled;
+        }
+
+        return false;
+    }
 }
--- a/src/app/accounts/hint.component.ts
+++ b/src/app/accounts/hint.component.ts
@@ -1,11 +1,11 @@
 import { Component } from '@angular/core';
 import { Router } from '@angular/router';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

-import { HintComponent as BaseHintComponent } from 'jslib/angular/components/hint.component';
+import { HintComponent as BaseHintComponent } from 'jslib-angular/components/hint.component';

@Component({
    selector: 'app-hint',
--- a/src/app/accounts/lock.component.html
+++ b/src/app/accounts/lock.component.html
@@ -1,4 +1,4 @@
-<form (ngSubmit)="submit()" class="container" ngNativeValidate>
+<form #form (ngSubmit)="submit()" [appApiAction]="formPromise" class="container" ngNativeValidate>
    <div class="row justify-content-md-center mt-5">
        <div class="col-5">
            <p class="text-center mb-4">
@@ -25,9 +25,11 @@
                    </div>
                    <hr>
                    <div class="d-flex">
-                        <button type="submit" class="btn btn-primary btn-block">
-                            <i class="fa fa-unlock-alt" aria-hidden="true"></i>
-                            {{'unlock' | i18n}}
+                        <button type="submit" class="btn btn-primary btn-block btn-submit" [disabled]="form.loading">
+                            <span>
+                                <i class="fa fa-unlock-alt" aria-hidden="true"></i> {{'unlock' | i18n}}
+                            </span>
+                            <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
                        </button>
                        <button type="button" class="btn btn-outline-secondary btn-block ml-2 mt-0" (click)="logOut()">
                            {{'logOut' | i18n}}
--- a/src/app/accounts/lock.component.ts
+++ b/src/app/accounts/lock.component.ts
@@ -1,19 +1,20 @@
 import { Component } from '@angular/core';
 import { Router } from '@angular/router';

-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
-import { UserService } from 'jslib/abstractions/user.service';
-import { VaultTimeoutService } from 'jslib/abstractions/vaultTimeout.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { MessagingService } from 'jslib-common/abstractions/messaging.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';
+import { UserService } from 'jslib-common/abstractions/user.service';
+import { VaultTimeoutService } from 'jslib-common/abstractions/vaultTimeout.service';

 import { RouterService } from '../services/router.service';

-import { LockComponent as BaseLockComponent } from 'jslib/angular/components/lock.component';
+import { LockComponent as BaseLockComponent } from 'jslib-angular/components/lock.component';

@Component({
    selector: 'app-lock',
@@ -25,20 +26,13 @@ export class LockComponent extends BaseLockComponent {
        userService: UserService, cryptoService: CryptoService,
        storageService: StorageService, vaultTimeoutService: VaultTimeoutService,
        environmentService: EnvironmentService, private routerService: RouterService,
-        stateService: StateService) {
+        stateService: StateService, apiService: ApiService) {
        super(router, i18nService, platformUtilsService, messagingService, userService, cryptoService,
-            storageService, vaultTimeoutService, environmentService, stateService);
+            storageService, vaultTimeoutService, environmentService, stateService, apiService);
    }

    async ngOnInit() {
        await super.ngOnInit();
-        const authed = await this.userService.isAuthenticated();
-        if (!authed) {
-            this.router.navigate(['/']);
-        } else if (await this.cryptoService.hasKey()) {
-            this.router.navigate(['vault']);
-        }
-
        this.onSuccessfulSubmit = () => {
            const previousUrl = this.routerService.getPreviousUrl();
            if (previousUrl !== '/' && previousUrl.indexOf('lock') === -1) {
--- a/src/app/accounts/login.component.html
+++ b/src/app/accounts/login.component.html
@@ -5,6 +5,10 @@
            <p class="lead text-center mx-4 mb-4">{{'loginOrCreateNewAccount' | i18n}}</p>
            <div class="card d-block">
                <div class="card-body">
+                    <app-callout type="warning" title="{{'resetPasswordPolicyAutoEnroll' | i18n}}"
+                        *ngIf="showResetPasswordAutoEnrollWarning">
+                        {{'resetPasswordAutoEnrollInviteWarning' | i18n}}
+                    </app-callout>
                    <div class="form-group">
                        <label for="email">{{'emailAddress' | i18n}}</label>
                        <input id="email" class="form-control" type="text" name="Email" [(ngModel)]="email" required
@@ -44,6 +48,11 @@
                            <i class="fa fa-pencil-square-o" aria-hidden="true"></i> {{'createAccount' | i18n}}
                        </a>
                    </div>
+                    <div class="d-flex">
+                        <a routerLink="/sso" class="btn btn-outline-secondary btn-block mt-2">
+                            <i class="fa fa-bank" aria-hidden="true"></i> {{'enterpriseSingleSignOn' | i18n}}
+                        </a>
+                    </div>
                </div>
            </div>
        </div>
--- a/src/app/accounts/login.component.ts
+++ b/src/app/accounts/login.component.ts
@@ -4,29 +4,45 @@ import {
    Router,
 } from '@angular/router';

-import { AuthService } from 'jslib/abstractions/auth.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { CryptoFunctionService } from 'jslib-common/abstractions/cryptoFunction.service';
+import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';

-import { LoginComponent as BaseLoginComponent } from 'jslib/angular/components/login.component';
+import { LoginComponent as BaseLoginComponent } from 'jslib-angular/components/login.component';
+
+import { Policy } from 'jslib-common/models/domain/policy';

@Component({
    selector: 'app-login',
    templateUrl: 'login.component.html',
 })
 export class LoginComponent extends BaseLoginComponent {
+
+    showResetPasswordAutoEnrollWarning = false;
+
    constructor(authService: AuthService, router: Router,
        i18nService: I18nService, private route: ActivatedRoute,
        storageService: StorageService, stateService: StateService,
-        platformUtilsService: PlatformUtilsService) {
-        super(authService, router, platformUtilsService, i18nService, storageService, stateService);
+        platformUtilsService: PlatformUtilsService, environmentService: EnvironmentService,
+        passwordGenerationService: PasswordGenerationService, cryptoFunctionService: CryptoFunctionService,
+        private apiService: ApiService, private policyService: PolicyService) {
+        super(authService, router,
+            platformUtilsService, i18nService,
+            stateService, environmentService,
+            passwordGenerationService, cryptoFunctionService,
+            storageService);
        this.onSuccessfulLoginNavigate = this.goAfterLogIn;
    }

    async ngOnInit() {
-        const queryParamsSub = this.route.queryParams.subscribe(async (qParams) => {
+        const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
            if (qParams.email != null && qParams.email.indexOf('@') > -1) {
                this.email = qParams.email;
            }
@@ -41,12 +57,31 @@ export class LoginComponent extends BaseLoginComponent {
                queryParamsSub.unsubscribe();
            }
        });
+
+        const invite = await this.stateService.get<any>('orgInvitation');
+        if (invite != null) {
+            let policyList: Policy[] = null;
+            try {
+                const policies = await this.apiService.getPoliciesByToken(invite.organizationId, invite.token,
+                    invite.email, invite.organizationUserId);
+                policyList = this.policyService.mapPoliciesFromToken(policies);
+            } catch { }
+
+            if (policyList != null) {
+                const result = this.policyService.getResetPasswordPolicyOptions(policyList, invite.organizationId);
+                // Set to true if policy enabled and auto-enroll enabled
+                this.showResetPasswordAutoEnrollWarning = result[1] && result[0].autoEnrollEnabled;
+            }
+        }
    }

    async goAfterLogIn() {
-        const invite = await this.stateService.get<any>('orgInvitation');
-        if (invite != null) {
-            this.router.navigate(['accept-organization'], { queryParams: invite });
+        const orgInvite = await this.stateService.get<any>('orgInvitation');
+        const emergencyInvite = await this.stateService.get<any>('emergencyInvitation');
+        if (orgInvite != null) {
+            this.router.navigate(['accept-organization'], { queryParams: orgInvite });
+        } else if (emergencyInvite != null) {
+            this.router.navigate(['accept-emergency'], { queryParams: emergencyInvite });
        } else {
            const loginRedirect = await this.stateService.get<any>('loginRedirect');
            if (loginRedirect != null) {
--- a/src/app/accounts/recover-delete.component.ts
+++ b/src/app/accounts/recover-delete.component.ts
@@ -2,12 +2,11 @@ import { Component } from '@angular/core';
 import { Router } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { DeleteRecoverRequest } from 'jslib/models/request/deleteRecoverRequest';
+import { DeleteRecoverRequest } from 'jslib-common/models/request/deleteRecoverRequest';

@Component({
    selector: 'app-recover-delete',
@@ -18,8 +17,7 @@ export class RecoverDeleteComponent {
    formPromise: Promise<any>;

    constructor(private router: Router, private apiService: ApiService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private i18nService: I18nService) {
+        private toasterService: ToasterService, private i18nService: I18nService) {
    }

    async submit() {
@@ -28,7 +26,6 @@ export class RecoverDeleteComponent {
            request.email = this.email.trim().toLowerCase();
            this.formPromise = this.apiService.postAccountRecoverDelete(request);
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Started Delete Recovery' });
            this.toasterService.popAsync('success', null, this.i18nService.t('deleteRecoverEmailSent'));
            this.router.navigate(['/']);
        } catch { }
--- a/src/app/accounts/recover-two-factor.component.ts
+++ b/src/app/accounts/recover-two-factor.component.ts
@@ -2,14 +2,13 @@ import { Component } from '@angular/core';
 import { Router } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { TwoFactorRecoveryRequest } from 'jslib/models/request/twoFactorRecoveryRequest';
+import { TwoFactorRecoveryRequest } from 'jslib-common/models/request/twoFactorRecoveryRequest';

@Component({
    selector: 'app-recover-two-factor',
@@ -22,9 +21,8 @@ export class RecoverTwoFactorComponent {
    formPromise: Promise<any>;

    constructor(private router: Router, private apiService: ApiService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private i18nService: I18nService, private cryptoService: CryptoService,
-        private authService: AuthService) { }
+        private toasterService: ToasterService, private i18nService: I18nService,
+        private cryptoService: CryptoService, private authService: AuthService) { }

    async submit() {
        try {
@@ -35,7 +33,6 @@ export class RecoverTwoFactorComponent {
            request.masterPasswordHash = await this.cryptoService.hashPassword(this.masterPassword, key);
            this.formPromise = this.apiService.postTwoFactorRecover(request);
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Recovered 2FA' });
            this.toasterService.popAsync('success', null, this.i18nService.t('twoStepRecoverDisabled'));
            this.router.navigate(['/']);
        } catch { }
--- a/src/app/accounts/register.component.html
+++ b/src/app/accounts/register.component.html
@@ -25,8 +25,8 @@
                                </cite>
                            </figcaption>
                            <blockquote>
-                                "Bitwarden has become a popular choice among open-source software advocates. After using it for a
-                                few months, I can see why." - February 2020
+                                "Bitwarden has become a popular choice among open-source software advocates. After using
+                                it for a few months, I can see why." - February 2020
                            </blockquote>
                        </figure>
                    </div>
@@ -44,14 +44,15 @@
                        <p class="lead text-center mb-4" *ngIf="!layout">{{'createAccount' | i18n}}</p>
                        <div class="card d-block">
                            <div class="card-body">
-                                <app-callout title="{{'createOrganizationStep1' | i18n}}" type="info" icon="fa-thumb-tack"
-                                    *ngIf="showCreateOrgMessage">
+                                <app-callout title="{{'createOrganizationStep1' | i18n}}" type="info"
+                                    icon="fa-thumb-tack" *ngIf="showCreateOrgMessage">
                                    {{'createOrganizationCreatePersonalAccount' | i18n}}
                                </app-callout>
                                <div class="form-group">
                                    <label for="email">{{'emailAddress' | i18n}}</label>
                                    <input id="email" class="form-control" type="text" name="Email" [(ngModel)]="email"
-                                        required [appAutofocus]="email === ''" inputmode="email" appInputVerbatim="false">
+                                        required [appAutofocus]="email === ''" inputmode="email"
+                                        appInputVerbatim="false">
                                    <small class="form-text text-muted">{{'emailAddressDesc' | i18n}}</small>
                                </div>
                                <div class="form-group">
@@ -120,6 +121,19 @@
                                    <input id="hint" class="form-control" type="text" name="Hint" [(ngModel)]="hint">
                                    <small class="form-text text-muted">{{'masterPassHintDesc' | i18n}}</small>
                                </div>
+                                <div class="form-group" *ngIf="showTerms">
+                                    <div class="form-check">
+                                        <input class="form-check-input" type="checkbox" id="acceptPolicies"
+                                            [(ngModel)]="acceptPolicies" name="AcceptPolicies">
+                                        <label class="form-check-label small text-muted" for="acceptPolicies">
+                                            {{'acceptPolicies' | i18n}}<br>
+                                            <a href="https://bitwarden.com/terms/" target="_blank"
+                                                rel="noopener">{{'termsOfService' | i18n}}</a>,
+                                            <a href="https://bitwarden.com/privacy/" target="_blank"
+                                                rel="noopener">{{'privacyPolicy' | i18n}}</a>
+                                        </label>
+                                    </div>
+                                </div>
                                <hr>
                                <div class="d-flex mb-2">
                                    <button type="submit" class="btn btn-primary btn-block btn-submit"
@@ -132,13 +146,6 @@
                                        {{'cancel' | i18n}}
                                    </a>
                                </div>
-                                <small class="text-muted" *ngIf="showTerms">
-                                    {{'submitAgreePolicies' | i18n}}
-                                    <a href="https://bitwarden.com/terms/" target="_blank"
-                                        rel="noopener">{{'termsOfService' | i18n}}</a>,
-                                    <a href="https://bitwarden.com/privacy/" target="_blank"
-                                        rel="noopener">{{'privacyPolicy' | i18n}}</a>
-                                </small>
                            </div>
                        </div>
                    </div>
--- a/src/app/accounts/register.component.ts
+++ b/src/app/accounts/register.component.ts
@@ -4,21 +4,22 @@ import {
    Router,
 } from '@angular/router';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { PolicyService } from 'jslib/abstractions/policy.service';
-import { StateService } from 'jslib/abstractions/state.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { StateService } from 'jslib-common/abstractions/state.service';

-import { RegisterComponent as BaseRegisterComponent } from 'jslib/angular/components/register.component';
+import { RegisterComponent as BaseRegisterComponent } from 'jslib-angular/components/register.component';

-import { MasterPasswordPolicyOptions } from 'jslib/models/domain/masterPasswordPolicyOptions';
-import { Policy } from 'jslib/models/domain/policy';
+import { MasterPasswordPolicyOptions } from 'jslib-common/models/domain/masterPasswordPolicyOptions';
+import { Policy } from 'jslib-common/models/domain/policy';

-import { PolicyData } from 'jslib/models/data/policyData';
+import { PolicyData } from 'jslib-common/models/data/policyData';
+import { ReferenceEventRequest } from 'jslib-common/models/request/referenceEventRequest';

@Component({
    selector: 'app-register',
@@ -26,7 +27,6 @@ import { PolicyData } from 'jslib/models/data/policyData';
 })
 export class RegisterComponent extends BaseRegisterComponent {
    showCreateOrgMessage = false;
-    showTerms = true;
    layout = '';
    enforcedPolicyOptions: MasterPasswordPolicyOptions;

@@ -39,7 +39,6 @@ export class RegisterComponent extends BaseRegisterComponent {
        passwordGenerationService: PasswordGenerationService, private policyService: PolicyService) {
        super(authService, router, i18nService, cryptoService, apiService, stateService, platformUtilsService,
            passwordGenerationService);
-        this.showTerms = !platformUtilsService.isSelfHost();
    }

    getPasswordScoreAlertDisplay() {
@@ -63,7 +62,8 @@ export class RegisterComponent extends BaseRegisterComponent {
    }

    async ngOnInit() {
-        const queryParamsSub = this.route.queryParams.subscribe((qParams) => {
+        const queryParamsSub = this.route.queryParams.subscribe(qParams => {
+            this.referenceData = new ReferenceEventRequest();
            if (qParams.email != null && qParams.email.indexOf('@') > -1) {
                this.email = qParams.email;
            }
@@ -71,19 +71,20 @@ export class RegisterComponent extends BaseRegisterComponent {
                this.stateService.save('loginRedirect', { route: '/settings/premium' });
            } else if (qParams.org != null) {
                this.showCreateOrgMessage = true;
+                this.referenceData.flow = qParams.org;
                this.stateService.save('loginRedirect',
                    { route: '/settings/create-organization', qParams: { plan: qParams.org } });
            }
            if (qParams.layout != null) {
-                this.layout = qParams.layout;
+                this.layout = this.referenceData.layout = qParams.layout;
            }
            if (qParams.reference != null) {
-                this.referenceId = qParams.reference;
+                this.referenceData.id = qParams.reference;
            } else {
-                this.referenceId = ('; ' + document.cookie).split('; reference=').pop().split(';').shift();
+                this.referenceData.id = ('; ' + document.cookie).split('; reference=').pop().split(';').shift();
            }
-            if (this.referenceId === '') {
-                this.referenceId = null;
+            if (this.referenceData.id === '') {
+                this.referenceData.id = null;
            }
            if (queryParamsSub != null) {
                queryParamsSub.unsubscribe();
@@ -95,8 +96,8 @@ export class RegisterComponent extends BaseRegisterComponent {
                const policies = await this.apiService.getPoliciesByToken(invite.organizationId, invite.token,
                    invite.email, invite.organizationUserId);
                if (policies.data != null) {
-                    const policiesData = policies.data.map((p) => new PolicyData(p));
-                    this.policies = policiesData.map((p) => new Policy(p));
+                    const policiesData = policies.data.map(p => new PolicyData(p));
+                    this.policies = policiesData.map(p => new Policy(p));
                }
            } catch { }
        }
--- a/src/app/accounts/set-password.component.html
+++ b/src/app/accounts/set-password.component.html
@@ -0,0 +1,85 @@
+<form #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate autocomplete="off">
+    <div class="row justify-content-md-center mt-5">
+        <div class="col-5">
+            <p class="lead text-center mb-4">{{'setMasterPassword' | i18n}}</p>
+            <div class="card d-block">
+                <div class="card-body text-center" *ngIf="syncLoading">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    {{'loading' | i18n}}
+                </div>
+                <div class="card-body" *ngIf="!syncLoading">
+                    <app-callout type="info">{{'ssoCompleteRegistration' | i18n}}</app-callout>
+                    <div class="form-group">
+                        <app-callout type="info" *ngIf="enforcedPolicyOptions">
+                            {{'masterPasswordPolicyInEffect' | i18n}}
+                            <ul class="mb-0">
+                                <li *ngIf="enforcedPolicyOptions?.minComplexity > 0">
+                                    {{'policyInEffectMinComplexity' | i18n : getPasswordScoreAlertDisplay()}}
+                                </li>
+                                <li *ngIf="enforcedPolicyOptions?.minLength > 0">
+                                    {{'policyInEffectMinLength' | i18n : enforcedPolicyOptions?.minLength.toString()}}
+                                </li>
+                                <li *ngIf="enforcedPolicyOptions?.requireUpper">
+                                    {{'policyInEffectUppercase' | i18n}}</li>
+                                <li *ngIf="enforcedPolicyOptions?.requireLower">
+                                    {{'policyInEffectLowercase' | i18n}}</li>
+                                <li *ngIf="enforcedPolicyOptions?.requireNumbers">
+                                    {{'policyInEffectNumbers' | i18n}}</li>
+                                <li *ngIf="enforcedPolicyOptions?.requireSpecial">
+                                    {{'policyInEffectSpecial' | i18n : '!@#$%^&*'}}</li>
+                            </ul>
+                        </app-callout>
+                        <label for="masterPassword">{{'masterPass' | i18n}}</label>
+                        <div class="d-flex">
+                            <div class="w-100">
+                                <input id="masterPassword" type="{{showPassword ? 'text' : 'password'}}"
+                                    name="MasterPasswordHash" class="text-monospace form-control mb-1"
+                                    [(ngModel)]="masterPassword" (input)="updatePasswordStrength()" required
+                                    appInputVerbatim>
+                                <app-password-strength [score]="masterPasswordScore" [showText]="true">
+                                </app-password-strength>
+                            </div>
+                            <div>
+                                <button type="button" class="ml-1 btn btn-link"
+                                    appA11yTitle="{{'toggleVisibility' | i18n}}" (click)="togglePassword(false)">
+                                    <i class="fa fa-lg" aria-hidden="true"
+                                        [ngClass]="{'fa-eye': !showPassword, 'fa-eye-slash': showPassword}"></i>
+                                </button>
+                                <div class="progress-bar invisible"></div>
+                            </div>
+                        </div>
+                        <small class="form-text text-muted">{{'masterPassDesc' | i18n}}</small>
+                    </div>
+                    <div class="form-group">
+                        <label for="masterPasswordRetype">{{'reTypeMasterPass' | i18n}}</label>
+                        <div class="d-flex">
+                            <input id="masterPasswordRetype" type="{{showPassword ? 'text' : 'password'}}"
+                                name="MasterPasswordRetype" class="text-monospace form-control"
+                                [(ngModel)]="masterPasswordRetype" required appInputVerbatim>
+                            <button type="button" class="ml-1 btn btn-link" appA11yTitle="{{'toggleVisibility' | i18n}}"
+                                (click)="togglePassword(true)">
+                                <i class="fa fa-lg" aria-hidden="true"
+                                    [ngClass]="{'fa-eye': !showPassword, 'fa-eye-slash': showPassword}"></i>
+                            </button>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label for="hint">{{'masterPassHint' | i18n}}</label>
+                        <input id="hint" class="form-control" type="text" name="Hint" [(ngModel)]="hint">
+                        <small class="form-text text-muted">{{'masterPassHintDesc' | i18n}}</small>
+                    </div>
+                    <hr>
+                    <div class="d-flex">
+                        <button type="submit" class="btn btn-primary btn-block btn-submit" [disabled]="form.loading">
+                            <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                            <span>{{'submit' | i18n}}</span>
+                        </button>
+                        <button type="button" class="btn btn-outline-secondary btn-block ml-2 mt-0" (click)="logOut()">
+                            {{'logOut' | i18n}}
+                        </button>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</form>
--- a/src/app/accounts/set-password.component.ts
+++ b/src/app/accounts/set-password.component.ts
@@ -0,0 +1,34 @@
+import { Component } from '@angular/core';
+import {
+    ActivatedRoute,
+    Router,
+} from '@angular/router';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { MessagingService } from 'jslib-common/abstractions/messaging.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { SyncService } from 'jslib-common/abstractions/sync.service';
+import { UserService } from 'jslib-common/abstractions/user.service';
+
+import {
+    SetPasswordComponent as BaseSetPasswordComponent,
+} from 'jslib-angular/components/set-password.component';
+
+@Component({
+    selector: 'app-set-password',
+    templateUrl: 'set-password.component.html',
+})
+export class SetPasswordComponent extends BaseSetPasswordComponent {
+    constructor(apiService: ApiService, i18nService: I18nService,
+        cryptoService: CryptoService, messagingService: MessagingService,
+        userService: UserService, passwordGenerationService: PasswordGenerationService,
+        platformUtilsService: PlatformUtilsService, policyService: PolicyService, router: Router,
+        syncService: SyncService, route: ActivatedRoute) {
+        super(i18nService, cryptoService, messagingService, userService, passwordGenerationService,
+            platformUtilsService, policyService, router, apiService, syncService, route);
+    }
+}
--- a/src/app/accounts/sso.component.html
+++ b/src/app/accounts/sso.component.html
@@ -0,0 +1,33 @@
+<form #form (ngSubmit)="submit()" class="container" [appApiAction]="initiateSsoFormPromise" ngNativeValidate>
+    <div class="row justify-content-md-center mt-5">
+        <div class="col-5">
+            <img src="../../images/logo-dark@2x.png" class="logo mb-2" alt="Bitwarden">
+            <div class="card d-block mt-4">
+                <div class="card-body" *ngIf="loggingIn">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    {{'loading' | i18n}}
+                </div>
+                <div class="card-body" *ngIf="!loggingIn">
+                    <p>{{'ssoLogInWithOrgIdentifier' | i18n}}</p>
+                    <div class="form-group">
+                        <label for="identifier">{{'organizationIdentifier' | i18n}}</label>
+                        <input id="identifier" class="form-control" type="text" name="Identifier"
+                            [(ngModel)]="identifier" required appAutofocus>
+                    </div>
+                    <hr>
+                    <div class="d-flex">
+                        <button type="submit" class="btn btn-primary btn-block btn-submit" [disabled]="form.loading">
+                            <span>
+                                <i class="fa fa-sign-in" aria-hidden="true"></i> {{'logIn' | i18n}}
+                            </span>
+                            <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                        </button>
+                        <a routerLink="/" class="btn btn-outline-secondary btn-block ml-2 mt-0">
+                            {{'cancel' | i18n}}
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</form>
--- a/src/app/accounts/sso.component.ts
+++ b/src/app/accounts/sso.component.ts
@@ -0,0 +1,61 @@
+import { Component } from '@angular/core';
+import {
+    ActivatedRoute,
+    Router,
+} from '@angular/router';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { CryptoFunctionService } from 'jslib-common/abstractions/cryptoFunction.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';
+
+import { SsoComponent as BaseSsoComponent } from 'jslib-angular/components/sso.component';
+
+const IdentifierStorageKey = 'ssoOrgIdentifier';
+
+@Component({
+    selector: 'app-sso',
+    templateUrl: 'sso.component.html',
+})
+export class SsoComponent extends BaseSsoComponent {
+    constructor(authService: AuthService, router: Router,
+        i18nService: I18nService, route: ActivatedRoute,
+        storageService: StorageService, stateService: StateService,
+        platformUtilsService: PlatformUtilsService, apiService: ApiService,
+        cryptoFunctionService: CryptoFunctionService,
+        passwordGenerationService: PasswordGenerationService) {
+        super(authService, router, i18nService, route, storageService, stateService, platformUtilsService,
+            apiService, cryptoFunctionService, passwordGenerationService);
+        this.redirectUri = window.location.origin + '/sso-connector.html';
+        this.clientId = 'web';
+    }
+
+    async ngOnInit() {
+        super.ngOnInit();
+        const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
+            if (qParams.identifier != null) {
+                this.identifier = qParams.identifier;
+            } else {
+                const storedIdentifier = await this.storageService.get<string>(IdentifierStorageKey);
+                if (storedIdentifier != null) {
+                    this.identifier = storedIdentifier;
+                }
+            }
+            if (queryParamsSub != null) {
+                queryParamsSub.unsubscribe();
+            }
+        });
+    }
+
+    async submit() {
+        await this.storageService.save(IdentifierStorageKey, this.identifier);
+        if (this.clientId === 'browser') {
+            document.cookie = `ssoHandOffMessage=${this.i18nService.t('ssoHandOff')};SameSite=strict`;
+        }
+        super.submit();
+    }
+}
--- a/src/app/accounts/two-factor-options.component.html
+++ b/src/app/accounts/two-factor-options.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="twoStepOptionsTitle">
-    <div class="modal-dialog" role="document">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
        <div class="modal-content">
            <div class="modal-header">
                <h2 class="modal-title" id="twoStepOptionsTitle">{{'twoStepOptions' | i18n}}</h2>
@@ -7,17 +7,19 @@
                    <span aria-hidden="true">&times;</span>
                </button>
            </div>
-            <div class="list-group list-group-flush">
-                <a href="#" appStopClick *ngFor="let p of providers" (click)="choose(p)"
-                    class="list-group-item list-group-item-action">
-                    <img [src]="'images/two-factor/' + p.type + '.png'" alt="" class="pull-right">
-                    <h3>{{p.name}}</h3>
-                    {{p.description}}
-                </a>
-                <a href="#" appStopClick class="list-group-item list-group-item-action" (click)="recover()">
-                    <h3>{{'recoveryCodeTitle' | i18n}}</h3>
-                    {{'recoveryCodeDesc' | i18n}}
-                </a>
+            <div class="modal-body">
+                <div class="list-group list-group-flush">
+                    <a href="#" appStopClick *ngFor="let p of providers" (click)="choose(p)"
+                        class="list-group-item list-group-item-action">
+                        <img [src]="'images/two-factor/' + p.type + '.png'" alt="" class="pull-right">
+                        <h3>{{p.name}}</h3>
+                        {{p.description}}
+                    </a>
+                    <a href="#" appStopClick class="list-group-item list-group-item-action" (click)="recover()">
+                        <h3>{{'recoveryCodeTitle' | i18n}}</h3>
+                        {{'recoveryCodeDesc' | i18n}}
+                    </a>
+                </div>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">{{'close' | i18n}}</button>
--- a/src/app/accounts/two-factor-options.component.ts
+++ b/src/app/accounts/two-factor-options.component.ts
@@ -1,13 +1,13 @@
 import { Component } from '@angular/core';
 import { Router } from '@angular/router';

-import { AuthService } from 'jslib/abstractions/auth.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

 import {
    TwoFactorOptionsComponent as BaseTwoFactorOptionsComponent,
-} from 'jslib/angular/components/two-factor-options.component';
+} from 'jslib-angular/components/two-factor-options.component';

@Component({
    selector: 'app-two-factor-options',
--- a/src/app/accounts/two-factor.component.html
+++ b/src/app/accounts/two-factor.component.html
@@ -33,16 +33,10 @@
                                required appAutofocus appInputVerbatim autocomplete="new-password">
                        </div>
                    </ng-container>
-                    <ng-container *ngIf="selectedProviderType === providerType.U2f">
-                        <p class="text-center" *ngIf="!u2fReady">
-                            <i class="fa fa-spinner fa-spin text-muted" title="{{'loading' | i18n}}"
-                                aria-hidden="true"></i>
-                            <span class="sr-only">{{'loading' | i18n}}</span>
-                        </p>
-                        <ng-container *ngIf="u2fReady">
-                            <p class="text-center">{{'insertU2f' | i18n}}</p>
-                            <img src="../../images/u2fkey.jpg" alt="" class="rounded img-fluid mb-3">
-                        </ng-container>
+                    <ng-container *ngIf="selectedProviderType === providerType.WebAuthn">
+                        <div id="web-authn-frame" class="mb-3">
+                            <iframe id="webauthn_iframe"></iframe>
+                        </div>
                    </ng-container>
                    <ng-container *ngIf="selectedProviderType === providerType.Duo ||
                        selectedProviderType === providerType.OrganizationDuo">
@@ -51,7 +45,7 @@
                        </div>
                    </ng-container>
                    <i class="fa fa-spinner text-muted fa-spin pull-right" title="{{'loading' | i18n}}"
-                        *ngIf="form.loading && selectedProviderType === providerType.U2f" aria-hidden="true"></i>
+                        *ngIf="form.loading && selectedProviderType === providerType.WebAuthn" aria-hidden="true"></i>
                    <div class="form-check" *ngIf="selectedProviderType != null">
                        <input id="remember" type="checkbox" name="Remember" class="form-check-input"
                            [(ngModel)]="remember">
@@ -65,7 +59,7 @@
                    <div class="d-flex mb-3">
                        <button type="submit" class="btn btn-primary btn-block btn-submit" [disabled]="form.loading"
                            *ngIf="selectedProviderType != null && selectedProviderType !== providerType.Duo && 
-                        selectedProviderType !== providerType.OrganizationDuo && selectedProviderType !== providerType.U2f">
+                        selectedProviderType !== providerType.OrganizationDuo && selectedProviderType !== providerType.WebAuthn">
                            <span>
                                <i class="fa fa-sign-in" aria-hidden="true"></i> {{'continue' | i18n}}
                            </span>
@@ -84,4 +78,3 @@
    </div>
 </form>
 <ng-template #twoFactorOptions></ng-template>
-<iframe id="u2f_iframe" hidden></iframe>
--- a/src/app/accounts/two-factor.component.ts
+++ b/src/app/accounts/two-factor.component.ts
@@ -5,38 +5,41 @@ import {
    ViewContainerRef,
 } from '@angular/core';

-import { Router } from '@angular/router';
+import {
+    ActivatedRoute,
+    Router,
+} from '@angular/router';

 import { TwoFactorOptionsComponent } from './two-factor-options.component';

 import { ModalComponent } from '../modal.component';

-import { TwoFactorProviderType } from 'jslib/enums/twoFactorProviderType';
+import { TwoFactorProviderType } from 'jslib-common/enums/twoFactorProviderType';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { AuthService } from 'jslib/abstractions/auth.service';
-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';

-import { TwoFactorComponent as BaseTwoFactorComponent } from 'jslib/angular/components/two-factor.component';
+import { TwoFactorComponent as BaseTwoFactorComponent } from 'jslib-angular/components/two-factor.component';

@Component({
    selector: 'app-two-factor',
    templateUrl: 'two-factor.component.html',
 })
 export class TwoFactorComponent extends BaseTwoFactorComponent {
-    @ViewChild('twoFactorOptions', { read: ViewContainerRef }) twoFactorOptionsModal: ViewContainerRef;
+    @ViewChild('twoFactorOptions', { read: ViewContainerRef, static: true }) twoFactorOptionsModal: ViewContainerRef;

    constructor(authService: AuthService, router: Router,
        i18nService: I18nService, apiService: ApiService,
        platformUtilsService: PlatformUtilsService, stateService: StateService,
        environmentService: EnvironmentService, private componentFactoryResolver: ComponentFactoryResolver,
-        storageService: StorageService) {
+        storageService: StorageService, route: ActivatedRoute) {
        super(authService, router, i18nService, apiService, platformUtilsService, window, environmentService,
-            stateService, storageService);
+            stateService, storageService, route);
        this.onSuccessfulLoginNavigate = this.goAfterLogIn;
    }

@@ -57,16 +60,23 @@ export class TwoFactorComponent extends BaseTwoFactorComponent {
    }

    async goAfterLogIn() {
-        const invite = await this.stateService.get<any>('orgInvitation');
-        if (invite != null) {
-            this.router.navigate(['accept-organization'], { queryParams: invite });
+        const orgInvite = await this.stateService.get<any>('orgInvitation');
+        const emergencyInvite = await this.stateService.get<any>('emergencyInvitation');
+        if (orgInvite != null) {
+            this.router.navigate(['accept-organization'], { queryParams: orgInvite });
+        } else if (emergencyInvite != null) {
+            this.router.navigate(['accept-emergency'], { queryParams: emergencyInvite });
        } else {
            const loginRedirect = await this.stateService.get<any>('loginRedirect');
            if (loginRedirect != null) {
                this.router.navigate([loginRedirect.route], { queryParams: loginRedirect.qParams });
                await this.stateService.remove('loginRedirect');
            } else {
-                this.router.navigate([this.successRoute]);
+                this.router.navigate([this.successRoute], {
+                    queryParams: {
+                        identifier: this.identifier,
+                    },
+                });
            }
        }
    }
--- a/src/app/accounts/verify-email-token.component.ts
+++ b/src/app/accounts/verify-email-token.component.ts
@@ -9,11 +9,11 @@ import {

 import { ToasterService } from 'angular2-toaster';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { VerifyEmailRequest } from 'jslib/models/request/verifyEmailRequest';
+import { VerifyEmailRequest } from 'jslib-common/models/request/verifyEmailRequest';

@Component({
    selector: 'app-verify-email-token',
@@ -26,7 +26,7 @@ export class VerifyEmailTokenComponent implements OnInit {

    ngOnInit() {
        let fired = false;
-        this.route.queryParams.subscribe(async (qParams) => {
+        this.route.queryParams.subscribe(async qParams => {
            if (fired) {
                return;
            }
--- a/src/app/accounts/verify-recover-delete.component.ts
+++ b/src/app/accounts/verify-recover-delete.component.ts
@@ -8,12 +8,11 @@ import {
 } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { VerifyDeleteRecoverRequest } from 'jslib/models/request/verifyDeleteRecoverRequest';
+import { VerifyDeleteRecoverRequest } from 'jslib-common/models/request/verifyDeleteRecoverRequest';

@Component({
    selector: 'app-verify-recover-delete',
@@ -27,13 +26,13 @@ export class VerifyRecoverDeleteComponent implements OnInit {
    private token: string;

    constructor(private router: Router, private apiService: ApiService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private i18nService: I18nService, private route: ActivatedRoute) {
+        private toasterService: ToasterService, private i18nService: I18nService,
+        private route: ActivatedRoute) {
    }

    ngOnInit() {
        let fired = false;
-        this.route.queryParams.subscribe(async (qParams) => {
+        this.route.queryParams.subscribe(async qParams => {
            if (fired) {
                return;
            }
@@ -53,7 +52,6 @@ export class VerifyRecoverDeleteComponent implements OnInit {
            const request = new VerifyDeleteRecoverRequest(this.userId, this.token);
            this.formPromise = this.apiService.postAccountRecoverDeleteToken(request);
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Recovered Delete' });
            this.toasterService.popAsync('success', this.i18nService.t('accountDeleted'),
                this.i18nService.t('accountDeletedDesc'));
            this.router.navigate(['/']);
--- a/src/app/app-routing.module.ts
+++ b/src/app/app-routing.module.ts
@@ -8,6 +8,7 @@ import { FrontendLayoutComponent } from './layouts/frontend-layout.component';
 import { OrganizationLayoutComponent } from './layouts/organization-layout.component';
 import { UserLayoutComponent } from './layouts/user-layout.component';

+import { AcceptEmergencyComponent } from './accounts/accept-emergency.component';
 import { AcceptOrganizationComponent } from './accounts/accept-organization.component';
 import { HintComponent } from './accounts/hint.component';
 import { LockComponent } from './accounts/lock.component';
@@ -15,6 +16,8 @@ import { LoginComponent } from './accounts/login.component';
 import { RecoverDeleteComponent } from './accounts/recover-delete.component';
 import { RecoverTwoFactorComponent } from './accounts/recover-two-factor.component';
 import { RegisterComponent } from './accounts/register.component';
+import { SetPasswordComponent } from './accounts/set-password.component';
+import { SsoComponent } from './accounts/sso.component';
 import { TwoFactorComponent } from './accounts/two-factor.component';
 import { VerifyEmailTokenComponent } from './accounts/verify-email-token.component';
 import { VerifyRecoverDeleteComponent } from './accounts/verify-recover-delete.component';
@@ -55,6 +58,9 @@ import {

 import { VaultComponent as OrgVaultComponent } from './organizations/vault/vault.component';

+import { AccessComponent } from './send/access.component';
+import { SendComponent } from './send/send.component';
+
 import { AccountComponent } from './settings/account.component';
 import { CreateOrganizationComponent } from './settings/create-organization.component';
 import { DomainRulesComponent } from './settings/domain-rules.component';
@@ -81,11 +87,15 @@ import { VaultComponent } from './vault/vault.component';

 import { OrganizationGuardService } from './services/organization-guard.service';
 import { OrganizationTypeGuardService } from './services/organization-type-guard.service';
-import { UnauthGuardService } from './services/unauth-guard.service';

-import { AuthGuardService } from 'jslib/angular/services/auth-guard.service';
+import { AuthGuardService } from 'jslib-angular/services/auth-guard.service';
+import { LockGuardService } from 'jslib-angular/services/lock-guard.service';
+import { UnauthGuardService } from 'jslib-angular/services/unauth-guard.service';

-import { OrganizationUserType } from 'jslib/enums/organizationUserType';
+import { Permissions } from 'jslib-common/enums/permissions';
+
+import { EmergencyAccessViewComponent } from './settings/emergency-access-view.component';
+import { EmergencyAccessComponent } from './settings/emergency-access.component';

 const routes: Routes = [
    {
@@ -99,18 +109,36 @@ const routes: Routes = [
                canActivate: [UnauthGuardService],
                data: { titleId: 'createAccount' },
            },
+            {
+                path: 'sso', component: SsoComponent,
+                canActivate: [UnauthGuardService],
+                data: { titleId: 'enterpriseSingleSignOn' },
+            },
+            {
+                path: 'set-password', component: SetPasswordComponent,
+                data: { titleId: 'setMasterPassword' },
+            },
            {
                path: 'hint', component: HintComponent,
                canActivate: [UnauthGuardService],
                data: { titleId: 'passwordHint' },
            },
-            { path: 'lock', component: LockComponent },
+            {
+                path: 'lock',
+                component: LockComponent,
+                canActivate: [LockGuardService],
+            },
            { path: 'verify-email', component: VerifyEmailTokenComponent },
            {
                path: 'accept-organization',
                component: AcceptOrganizationComponent,
                data: { titleId: 'joinOrganization' },
            },
+            {
+                path: 'accept-emergency',
+                component: AcceptEmergencyComponent,
+                data: { titleId: 'acceptEmergency' },
+            },
            { path: 'recover', pathMatch: 'full', redirectTo: 'recover-2fa' },
            {
                path: 'recover-2fa',
@@ -130,6 +158,11 @@ const routes: Routes = [
                canActivate: [UnauthGuardService],
                data: { titleId: 'deleteAccount' },
            },
+            {
+                path: 'send/:sendId/:key',
+                component: AccessComponent,
+                data: { title: 'Bitwarden Send' },
+            },
        ],
    },
    {
@@ -138,6 +171,7 @@ const routes: Routes = [
        canActivate: [AuthGuardService],
        children: [
            { path: 'vault', component: VaultComponent, data: { titleId: 'myVault' } },
+            { path: 'sends', component: SendComponent, data: { title: 'Send' } },
            {
                path: 'settings',
                component: SettingsComponent,
@@ -160,6 +194,21 @@ const routes: Routes = [
                        component: CreateOrganizationComponent,
                        data: { titleId: 'newOrganization' },
                    },
+                    {
+                        path: 'emergency-access',
+                        children: [
+                            {
+                                path: '',
+                                component: EmergencyAccessComponent,
+                                data: { titleId: 'emergencyAccess' },
+                            },
+                            {
+                                path: ':id',
+                                component: EmergencyAccessViewComponent,
+                                data: { titleId: 'emergencyAccess' },
+                            },
+                        ],
+                    },
                ],
            },
            {
@@ -216,35 +265,75 @@ const routes: Routes = [
                path: 'tools',
                component: OrgToolsComponent,
                canActivate: [OrganizationTypeGuardService],
-                data: { allowedTypes: [OrganizationUserType.Owner, OrganizationUserType.Admin] },
+                data: { permissions: [Permissions.AccessImportExport, Permissions.AccessReports] },
                children: [
-                    { path: '', pathMatch: 'full', redirectTo: 'import' },
-                    { path: 'import', component: OrgImportComponent, data: { titleId: 'importData' } },
-                    { path: 'export', component: OrgExportComponent, data: { titleId: 'exportVault' } },
+                    {
+                        path: '',
+                        pathMatch: 'full',
+                        redirectTo: 'import',
+                    },
+                    {
+                        path: 'import',
+                        component: OrgImportComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'importData',
+                            permissions: [Permissions.AccessImportExport],
+                        },
+                    },
+                    {
+                        path: 'export',
+                        component: OrgExportComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'exportVault',
+                            permissions: [Permissions.AccessImportExport],
+                        },
+                    },
                    {
                        path: 'exposed-passwords-report',
                        component: OrgExposedPasswordsReportComponent,
-                        data: { titleId: 'exposedPasswordsReport' },
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'exposedPasswordsReport',
+                            permissions: [Permissions.AccessReports],
+                        },
                    },
                    {
                        path: 'inactive-two-factor-report',
                        component: OrgInactiveTwoFactorReportComponent,
-                        data: { titleId: 'inactive2faReport' },
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'inactive2faReport',
+                            permissions: [Permissions.AccessReports],
+                        },
                    },
                    {
                        path: 'reused-passwords-report',
                        component: OrgReusedPasswordsReportComponent,
-                        data: { titleId: 'reusedPasswordsReport' },
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'reusedPasswordsReport',
+                            permissions: [Permissions.AccessReports],
+                        },
                    },
                    {
                        path: 'unsecured-websites-report',
                        component: OrgUnsecuredWebsitesReportComponent,
-                        data: { titleId: 'unsecuredWebsitesReport' },
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'unsecuredWebsitesReport',
+                            permissions: [Permissions.AccessReports],
+                        },
                    },
                    {
                        path: 'weak-passwords-report',
                        component: OrgWeakPasswordsReportComponent,
-                        data: { titleId: 'weakPasswordsReport' },
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'weakPasswordsReport',
+                            permissions: [Permissions.AccessReports],
+                        },
                    },
                ],
            },
@@ -253,26 +342,73 @@ const routes: Routes = [
                component: OrgManageComponent,
                canActivate: [OrganizationTypeGuardService],
                data: {
-                    allowedTypes: [
-                        OrganizationUserType.Owner,
-                        OrganizationUserType.Admin,
-                        OrganizationUserType.Manager,
+                    permissions: [
+                        Permissions.ManageAssignedCollections,
+                        Permissions.ManageAllCollections,
+                        Permissions.AccessEventLogs,
+                        Permissions.ManageGroups,
+                        Permissions.ManageUsers,
+                        Permissions.ManagePolicies,
                    ],
                },
                children: [
-                    { path: '', pathMatch: 'full', redirectTo: 'people' },
-                    { path: 'collections', component: OrgManageCollectionsComponent, data: { titleId: 'collections' } },
-                    { path: 'events', component: OrgEventsComponent, data: { titleId: 'eventLogs' } },
-                    { path: 'groups', component: OrgGroupsComponent, data: { titleId: 'groups' } },
-                    { path: 'people', component: OrgPeopleComponent, data: { titleId: 'people' } },
-                    { path: 'policies', component: OrgPoliciesComponent, data: { titleId: 'policies' } },
+                    {
+                        path: '',
+                        pathMatch: 'full',
+                        redirectTo: 'people',
+                    },
+                    {
+                        path: 'collections',
+                        component: OrgManageCollectionsComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'collections',
+                            permissions: [Permissions.ManageAssignedCollections, Permissions.ManageAllCollections],
+                        },
+                    },
+                    {
+                        path: 'events',
+                        component: OrgEventsComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'eventLogs',
+                            permissions: [Permissions.AccessEventLogs],
+                        },
+                    },
+                    {
+                        path: 'groups',
+                        component: OrgGroupsComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'groups',
+                            permissions: [Permissions.ManageGroups],
+                        },
+                    },
+                    {
+                        path: 'people',
+                        component: OrgPeopleComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'people',
+                            permissions: [Permissions.ManageUsers, Permissions.ManageUsersPassword],
+                        },
+                    },
+                    {
+                        path: 'policies',
+                        component: OrgPoliciesComponent,
+                        canActivate: [OrganizationTypeGuardService],
+                        data: {
+                            titleId: 'policies',
+                            permissions: [Permissions.ManagePolicies],
+                        },
+                    },
                ],
            },
            {
                path: 'settings',
                component: OrgSettingsComponent,
                canActivate: [OrganizationTypeGuardService],
-                data: { allowedTypes: [OrganizationUserType.Owner] },
+                data: { permissions: [Permissions.ManageOrganization] },
                children: [
                    { path: '', pathMatch: 'full', redirectTo: 'account' },
                    { path: 'account', component: OrgAccountComponent, data: { titleId: 'myOrganization' } },
@@ -297,6 +433,7 @@ const routes: Routes = [
@NgModule({
    imports: [RouterModule.forRoot(routes, {
        useHash: true,
+        paramsInheritanceStrategy: 'always',
        /*enableTracing: true,*/
    })],
    exports: [RouterModule],
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@@ -1,15 +1,12 @@
 import * as jq from 'jquery';
-import Swal from 'sweetalert2/src/sweetalert2.js';
+import Swal from 'sweetalert2';

 import {
    BodyOutputType,
    Toast,
    ToasterConfig,
-    ToasterContainerComponent,
    ToasterService,
 } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';
-import { Angulartics2GoogleAnalytics } from 'angulartics2/ga';

 import {
    Component,
@@ -24,30 +21,30 @@ import {
    Router,
 } from '@angular/router';

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
+import { BroadcasterService } from 'jslib-angular/services/broadcaster.service';

-import { StorageService } from 'jslib/abstractions/storage.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';

-import { AuthService } from 'jslib/abstractions/auth.service';
-import { CipherService } from 'jslib/abstractions/cipher.service';
-import { CollectionService } from 'jslib/abstractions/collection.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { EventService } from 'jslib/abstractions/event.service';
-import { FolderService } from 'jslib/abstractions/folder.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { NotificationsService } from 'jslib/abstractions/notifications.service';
-import { PasswordGenerationService } from 'jslib/abstractions/passwordGeneration.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { PolicyService } from 'jslib/abstractions/policy.service';
-import { SearchService } from 'jslib/abstractions/search.service';
-import { SettingsService } from 'jslib/abstractions/settings.service';
-import { StateService } from 'jslib/abstractions/state.service';
-import { SyncService } from 'jslib/abstractions/sync.service';
-import { TokenService } from 'jslib/abstractions/token.service';
-import { UserService } from 'jslib/abstractions/user.service';
-import { VaultTimeoutService } from 'jslib/abstractions/vaultTimeout.service';
+import { AuthService } from 'jslib-common/abstractions/auth.service';
+import { CipherService } from 'jslib-common/abstractions/cipher.service';
+import { CollectionService } from 'jslib-common/abstractions/collection.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { EventService } from 'jslib-common/abstractions/event.service';
+import { FolderService } from 'jslib-common/abstractions/folder.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { NotificationsService } from 'jslib-common/abstractions/notifications.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { SearchService } from 'jslib-common/abstractions/search.service';
+import { SettingsService } from 'jslib-common/abstractions/settings.service';
+import { StateService } from 'jslib-common/abstractions/state.service';
+import { SyncService } from 'jslib-common/abstractions/sync.service';
+import { TokenService } from 'jslib-common/abstractions/token.service';
+import { UserService } from 'jslib-common/abstractions/user.service';
+import { VaultTimeoutService } from 'jslib-common/abstractions/vaultTimeout.service';

-import { ConstantsService } from 'jslib/services/constants.service';
+import { ConstantsService } from 'jslib-common/services/constants.service';

 import { RouterService } from './services/router.service';

@@ -70,12 +67,12 @@ export class AppComponent implements OnDestroy, OnInit {
    private idleTimer: number = null;
    private isIdle = false;

-    constructor(private angulartics2GoogleAnalytics: Angulartics2GoogleAnalytics,
+    constructor(
        private broadcasterService: BroadcasterService, private userService: UserService,
        private tokenService: TokenService, private folderService: FolderService,
        private settingsService: SettingsService, private syncService: SyncService,
        private passwordGenerationService: PasswordGenerationService, private cipherService: CipherService,
-        private authService: AuthService, private router: Router, private analytics: Angulartics2,
+        private authService: AuthService, private router: Router,
        private toasterService: ToasterService, private i18nService: I18nService,
        private platformUtilsService: PlatformUtilsService, private ngZone: NgZone,
        private vaultTimeoutService: VaultTimeoutService, private storageService: StorageService,
@@ -139,15 +136,18 @@ export class AppComponent implements OnDestroy, OnInit {
                            this.router.navigate(['settings/premium']);
                        }
                        break;
+                    case 'emailVerificationRequired':
+                        const emailVerificationConfirmed = await this.platformUtilsService.showDialog(
+                            this.i18nService.t('emailVerificationRequiredDesc'),
+                            this.i18nService.t('emailVerificationRequired'),
+                            this.i18nService.t('learnMore'), this.i18nService.t('cancel'));
+                        if (emailVerificationConfirmed) {
+                            this.platformUtilsService.launchUri('https://bitwarden.com/help/article/create-bitwarden-account/');
+                        }
+                        break;
                    case 'showToast':
                        this.showToast(message);
                        break;
-                    case 'analyticsEventTrack':
-                        this.analytics.eventTrack.next({
-                            action: message.action,
-                            properties: { label: message.label },
-                        });
-                        break;
                    case 'setFullWidth':
                        this.setFullWidth();
                        break;
@@ -157,7 +157,7 @@ export class AppComponent implements OnDestroy, OnInit {
            });
        });

-        this.router.events.subscribe((event) => {
+        this.router.events.subscribe(event => {
            if (event instanceof NavigationEnd) {
                const modals = Array.from(document.querySelectorAll('.modal'));
                for (const modal of modals) {
@@ -198,11 +198,12 @@ export class AppComponent implements OnDestroy, OnInit {

        this.searchService.clearIndex();
        this.authService.logOut(async () => {
-            this.analytics.eventTrack.next({ action: 'Logged Out' });
            if (expired) {
                this.toasterService.popAsync('warning', this.i18nService.t('loggedOut'),
                    this.i18nService.t('loginExpired'));
            }
+
+            Swal.close();
            this.router.navigate(['/']);
        });
    }
--- a/src/app/app.module.ts
+++ b/src/app/app.module.ts
@@ -1,8 +1,4 @@
-import 'core-js';
-
 import { ToasterModule } from 'angular2-toaster';
-import { Angulartics2Module } from 'angulartics2';
-import { Angulartics2GoogleAnalytics } from 'angulartics2/ga';
 import { InfiniteScrollModule } from 'ngx-infinite-scroll';

 import { AppRoutingModule } from './app-routing.module';
@@ -27,6 +23,7 @@ import { NavbarComponent } from './layouts/navbar.component';
 import { OrganizationLayoutComponent } from './layouts/organization-layout.component';
 import { UserLayoutComponent } from './layouts/user-layout.component';

+import { AcceptEmergencyComponent } from './accounts/accept-emergency.component';
 import { AcceptOrganizationComponent } from './accounts/accept-organization.component';
 import { HintComponent } from './accounts/hint.component';
 import { LockComponent } from './accounts/lock.component';
@@ -34,11 +31,16 @@ import { LoginComponent } from './accounts/login.component';
 import { RecoverDeleteComponent } from './accounts/recover-delete.component';
 import { RecoverTwoFactorComponent } from './accounts/recover-two-factor.component';
 import { RegisterComponent } from './accounts/register.component';
+import { SetPasswordComponent } from './accounts/set-password.component';
+import { SsoComponent } from './accounts/sso.component';
 import { TwoFactorOptionsComponent } from './accounts/two-factor-options.component';
 import { TwoFactorComponent } from './accounts/two-factor.component';
 import { VerifyEmailTokenComponent } from './accounts/verify-email-token.component';
 import { VerifyRecoverDeleteComponent } from './accounts/verify-recover-delete.component';

+import { BulkConfirmComponent as OrgBulkConfirmComponent } from './organizations/manage/bulk/bulk-confirm.component';
+import { BulkRemoveComponent as OrgBulkRemoveComponent } from './organizations/manage/bulk/bulk-remove.component';
+import { BulkStatusComponent as OrgBulkStatusComponent } from './organizations/manage/bulk/bulk-status.component';
 import {
    CollectionAddEditComponent as OrgCollectionAddEditComponent,
 } from './organizations/manage/collection-add-edit.component';
@@ -52,19 +54,18 @@ import { ManageComponent as OrgManageComponent } from './organizations/manage/ma
 import { PeopleComponent as OrgPeopleComponent } from './organizations/manage/people.component';
 import { PoliciesComponent as OrgPoliciesComponent } from './organizations/manage/policies.component';
 import { PolicyEditComponent as OrgPolicyEditComponent } from './organizations/manage/policy-edit.component';
+import { ResetPasswordComponent as OrgResetPasswordComponent } from './organizations/manage/reset-password.component';
 import { UserAddEditComponent as OrgUserAddEditComponent } from './organizations/manage/user-add-edit.component';
 import { UserConfirmComponent as OrgUserConfirmComponent } from './organizations/manage/user-confirm.component';
 import { UserGroupsComponent as OrgUserGroupsComponent } from './organizations/manage/user-groups.component';

 import { AccountComponent as OrgAccountComponent } from './organizations/settings/account.component';
 import { AdjustSeatsComponent } from './organizations/settings/adjust-seats.component';
-import { ApiKeyComponent as OrgApiKeyComponent } from './organizations/settings/api-key.component';
 import { ChangePlanComponent } from './organizations/settings/change-plan.component';
 import { DeleteOrganizationComponent } from './organizations/settings/delete-organization.component';
 import { DownloadLicenseComponent } from './organizations/settings/download-license.component';
 import { OrganizationBillingComponent } from './organizations/settings/organization-billing.component';
 import { OrganizationSubscriptionComponent } from './organizations/settings/organization-subscription.component';
-import { RotateApiKeyComponent as OrgRotateApiKeyComponent } from './organizations/settings/rotate-api-key.component';
 import { SettingsComponent as OrgSettingComponent } from './organizations/settings/settings.component';
 import {
    TwoFactorSetupComponent as OrgTwoFactorSetupComponent,
@@ -96,10 +97,15 @@ import { CollectionsComponent as OrgCollectionsComponent } from './organizations
 import { GroupingsComponent as OrgGroupingsComponent } from './organizations/vault/groupings.component';
 import { VaultComponent as OrgVaultComponent } from './organizations/vault/vault.component';

+import { AccessComponent } from './send/access.component';
+import { AddEditComponent as SendAddEditComponent } from './send/add-edit.component';
+import { SendComponent } from './send/send.component';
+
 import { AccountComponent } from './settings/account.component';
 import { AddCreditComponent } from './settings/add-credit.component';
 import { AdjustPaymentComponent } from './settings/adjust-payment.component';
 import { AdjustStorageComponent } from './settings/adjust-storage.component';
+import { ApiKeyComponent } from './settings/api-key.component';
 import { ChangeEmailComponent } from './settings/change-email.component';
 import { ChangeKdfComponent } from './settings/change-kdf.component';
 import { ChangePasswordComponent } from './settings/change-password.component';
@@ -107,6 +113,14 @@ import { CreateOrganizationComponent } from './settings/create-organization.comp
 import { DeauthorizeSessionsComponent } from './settings/deauthorize-sessions.component';
 import { DeleteAccountComponent } from './settings/delete-account.component';
 import { DomainRulesComponent } from './settings/domain-rules.component';
+import { EmergencyAccessAddEditComponent } from './settings/emergency-access-add-edit.component';
+import { EmergencyAccessAttachmentsComponent } from './settings/emergency-access-attachments.component';
+import { EmergencyAccessConfirmComponent } from './settings/emergency-access-confirm.component';
+import { EmergencyAccessTakeoverComponent } from './settings/emergency-access-takeover.component';
+import { EmergencyAccessViewComponent } from './settings/emergency-access-view.component';
+import { EmergencyAccessComponent } from './settings/emergency-access.component';
+import { EmergencyAddEditComponent } from './settings/emergency-add-edit.component';
+import { LinkSsoComponent } from './settings/link-sso.component';
 import { OptionsComponent } from './settings/options.component';
 import { OrganizationPlansComponent } from './settings/organization-plans.component';
 import { OrganizationsComponent } from './settings/organizations.component';
@@ -121,8 +135,8 @@ import { TwoFactorDuoComponent } from './settings/two-factor-duo.component';
 import { TwoFactorEmailComponent } from './settings/two-factor-email.component';
 import { TwoFactorRecoveryComponent } from './settings/two-factor-recovery.component';
 import { TwoFactorSetupComponent } from './settings/two-factor-setup.component';
-import { TwoFactorU2fComponent } from './settings/two-factor-u2f.component';
 import { TwoFactorVerifyComponent } from './settings/two-factor-verify.component';
+import { TwoFactorWebAuthnComponent } from './settings/two-factor-webauthn.component';
 import { TwoFactorYubiKeyComponent } from './settings/two-factor-yubikey.component';
 import { UpdateKeyComponent } from './settings/update-key.component';
 import { UpdateLicenseComponent } from './settings/update-license.component';
@@ -144,6 +158,7 @@ import { WeakPasswordsReportComponent } from './tools/weak-passwords-report.comp

 import { AddEditComponent } from './vault/add-edit.component';
 import { AttachmentsComponent } from './vault/attachments.component';
+import { BulkActionsComponent } from './vault/bulk-actions.component';
 import { BulkDeleteComponent } from './vault/bulk-delete.component';
 import { BulkMoveComponent } from './vault/bulk-move.component';
 import { BulkRestoreComponent } from './vault/bulk-restore.component';
@@ -152,76 +167,104 @@ import { CiphersComponent } from './vault/ciphers.component';
 import { CollectionsComponent } from './vault/collections.component';
 import { FolderAddEditComponent } from './vault/folder-add-edit.component';
 import { GroupingsComponent } from './vault/groupings.component';
+import { SendInfoComponent } from './vault/send-info.component';
 import { ShareComponent } from './vault/share.component';
 import { VaultComponent } from './vault/vault.component';

-import { CalloutComponent } from 'jslib/angular/components/callout.component';
-import { IconComponent } from 'jslib/angular/components/icon.component';
+import { CalloutComponent } from 'jslib-angular/components/callout.component';
+import { IconComponent } from 'jslib-angular/components/icon.component';

-import { A11yTitleDirective } from 'jslib/angular/directives/a11y-title.directive';
-import { ApiActionDirective } from 'jslib/angular/directives/api-action.directive';
-import { AutofocusDirective } from 'jslib/angular/directives/autofocus.directive';
-import { BlurClickDirective } from 'jslib/angular/directives/blur-click.directive';
-import { BoxRowDirective } from 'jslib/angular/directives/box-row.directive';
-import { FallbackSrcDirective } from 'jslib/angular/directives/fallback-src.directive';
-import { InputVerbatimDirective } from 'jslib/angular/directives/input-verbatim.directive';
-import { SelectCopyDirective } from 'jslib/angular/directives/select-copy.directive';
-import { StopClickDirective } from 'jslib/angular/directives/stop-click.directive';
-import { StopPropDirective } from 'jslib/angular/directives/stop-prop.directive';
-import { TrueFalseValueDirective } from 'jslib/angular/directives/true-false-value.directive';
+import { A11yTitleDirective } from 'jslib-angular/directives/a11y-title.directive';
+import { ApiActionDirective } from 'jslib-angular/directives/api-action.directive';
+import { AutofocusDirective } from 'jslib-angular/directives/autofocus.directive';
+import { BlurClickDirective } from 'jslib-angular/directives/blur-click.directive';
+import { BoxRowDirective } from 'jslib-angular/directives/box-row.directive';
+import { FallbackSrcDirective } from 'jslib-angular/directives/fallback-src.directive';
+import { InputVerbatimDirective } from 'jslib-angular/directives/input-verbatim.directive';
+import { SelectCopyDirective } from 'jslib-angular/directives/select-copy.directive';
+import { StopClickDirective } from 'jslib-angular/directives/stop-click.directive';
+import { StopPropDirective } from 'jslib-angular/directives/stop-prop.directive';
+import { TrueFalseValueDirective } from 'jslib-angular/directives/true-false-value.directive';

-import { ColorPasswordPipe } from 'jslib/angular/pipes/color-password.pipe';
-import { I18nPipe } from 'jslib/angular/pipes/i18n.pipe';
-import { SearchCiphersPipe } from 'jslib/angular/pipes/search-ciphers.pipe';
-import { SearchPipe } from 'jslib/angular/pipes/search.pipe';
+import { ColorPasswordPipe } from 'jslib-angular/pipes/color-password.pipe';
+import { I18nPipe } from 'jslib-angular/pipes/i18n.pipe';
+import { SearchCiphersPipe } from 'jslib-angular/pipes/search-ciphers.pipe';
+import { SearchPipe } from 'jslib-angular/pipes/search.pipe';

-import { registerLocaleData } from '@angular/common';
+import {
+    DatePipe,
+    registerLocaleData,
+} from '@angular/common';
+import localeBg from '@angular/common/locales/bg';
 import localeCa from '@angular/common/locales/ca';
 import localeCs from '@angular/common/locales/cs';
 import localeDa from '@angular/common/locales/da';
 import localeDe from '@angular/common/locales/de';
 import localeEl from '@angular/common/locales/el';
 import localeEnGb from '@angular/common/locales/en-GB';
+import localeEnIn from '@angular/common/locales/en-IN';
+import localeEo from '@angular/common/locales/eo';
 import localeEs from '@angular/common/locales/es';
 import localeEt from '@angular/common/locales/et';
+import localeFi from '@angular/common/locales/fi';
 import localeFr from '@angular/common/locales/fr';
 import localeHe from '@angular/common/locales/he';
+import localeHr from '@angular/common/locales/hr';
+import localeHu from '@angular/common/locales/hu';
+import localeId from '@angular/common/locales/id';
 import localeIt from '@angular/common/locales/it';
 import localeJa from '@angular/common/locales/ja';
 import localeKo from '@angular/common/locales/ko';
+import localeLv from '@angular/common/locales/lv';
+import localeMl from '@angular/common/locales/ml';
 import localeNb from '@angular/common/locales/nb';
 import localeNl from '@angular/common/locales/nl';
 import localePl from '@angular/common/locales/pl';
 import localePtBr from '@angular/common/locales/pt';
 import localePtPt from '@angular/common/locales/pt-PT';
+import localeRo from '@angular/common/locales/ro';
 import localeRu from '@angular/common/locales/ru';
 import localeSk from '@angular/common/locales/sk';
+import localeSr from '@angular/common/locales/sr';
 import localeSv from '@angular/common/locales/sv';
+import localeTr from '@angular/common/locales/tr';
 import localeUk from '@angular/common/locales/uk';
 import localeZhCn from '@angular/common/locales/zh-Hans';
 import localeZhTw from '@angular/common/locales/zh-Hant';

 registerLocaleData(localeCa, 'ca');
 registerLocaleData(localeCs, 'cs');
+registerLocaleData(localeBg, 'bg');
 registerLocaleData(localeDa, 'da');
 registerLocaleData(localeDe, 'de');
 registerLocaleData(localeEl, 'el');
 registerLocaleData(localeEnGb, 'en-GB');
+registerLocaleData(localeEnIn, 'en-IN');
 registerLocaleData(localeEs, 'es');
 registerLocaleData(localeEt, 'et');
+registerLocaleData(localeEo, 'eo');
+registerLocaleData(localeFi, 'fi');
 registerLocaleData(localeFr, 'fr');
 registerLocaleData(localeHe, 'he');
+registerLocaleData(localeHr, 'hr');
+registerLocaleData(localeHu, 'hu');
+registerLocaleData(localeId, 'id');
 registerLocaleData(localeIt, 'it');
 registerLocaleData(localeJa, 'ja');
 registerLocaleData(localeKo, 'ko');
+registerLocaleData(localeLv, 'lv');
+registerLocaleData(localeMl, 'ml');
 registerLocaleData(localeNb, 'nb');
 registerLocaleData(localeNl, 'nl');
 registerLocaleData(localePl, 'pl');
 registerLocaleData(localePtBr, 'pt-BR');
 registerLocaleData(localePtPt, 'pt-PT');
+registerLocaleData(localeRo, 'ro');
 registerLocaleData(localeRu, 'ru');
 registerLocaleData(localeSk, 'sk');
+registerLocaleData(localeSr, 'sr');
 registerLocaleData(localeSv, 'sv');
+registerLocaleData(localeTr, 'tr');
 registerLocaleData(localeUk, 'uk');
 registerLocaleData(localeZhCn, 'zh-CN');
 registerLocaleData(localeZhTw, 'zh-TW');
@@ -233,25 +276,24 @@ registerLocaleData(localeZhTw, 'zh-TW');
        FormsModule,
        AppRoutingModule,
        ServicesModule,
-        Angulartics2Module.forRoot([Angulartics2GoogleAnalytics], {
-            pageTracking: {
-                clearQueryParams: true,
-            },
-        }),
        ToasterModule.forRoot(),
        InfiniteScrollModule,
        DragDropModule,
    ],
    declarations: [
        A11yTitleDirective,
+        AcceptEmergencyComponent,
+        AccessComponent,
        AcceptOrganizationComponent,
        AccountComponent,
+        SetPasswordComponent,
        AddCreditComponent,
        AddEditComponent,
        AdjustPaymentComponent,
        AdjustSeatsComponent,
        AdjustStorageComponent,
        ApiActionDirective,
+        ApiKeyComponent,
        AppComponent,
        AttachmentsComponent,
        AutofocusDirective,
@@ -259,6 +301,7 @@ registerLocaleData(localeZhTw, 'zh-TW');
        BlurClickDirective,
        BoxRowDirective,
        BreachReportComponent,
+        BulkActionsComponent,
        BulkDeleteComponent,
        BulkMoveComponent,
        BulkRestoreComponent,
@@ -277,6 +320,13 @@ registerLocaleData(localeZhTw, 'zh-TW');
        DeleteOrganizationComponent,
        DomainRulesComponent,
        DownloadLicenseComponent,
+        EmergencyAccessAddEditComponent,
+        EmergencyAccessAttachmentsComponent,
+        EmergencyAccessComponent,
+        EmergencyAccessConfirmComponent,
+        EmergencyAccessTakeoverComponent,
+        EmergencyAccessViewComponent,
+        EmergencyAddEditComponent,
        ExportComponent,
        ExposedPasswordsReportComponent,
        FallbackSrcDirective,
@@ -290,6 +340,7 @@ registerLocaleData(localeZhTw, 'zh-TW');
        ImportComponent,
        InactiveTwoFactorReportComponent,
        InputVerbatimDirective,
+        LinkSsoComponent,
        LockComponent,
        LoginComponent,
        ModalComponent,
@@ -297,11 +348,13 @@ registerLocaleData(localeZhTw, 'zh-TW');
        OptionsComponent,
        OrgAccountComponent,
        OrgAddEditComponent,
-        OrgApiKeyComponent,
        OrganizationBillingComponent,
        OrganizationPlansComponent,
        OrganizationSubscriptionComponent,
        OrgAttachmentsComponent,
+        OrgBulkStatusComponent,
+        OrgBulkConfirmComponent,
+        OrgBulkRemoveComponent,
        OrgCiphersComponent,
        OrgCollectionAddEditComponent,
        OrgCollectionsComponent,
@@ -320,8 +373,8 @@ registerLocaleData(localeZhTw, 'zh-TW');
        OrgPeopleComponent,
        OrgPolicyEditComponent,
        OrgPoliciesComponent,
+        OrgResetPasswordComponent,
        OrgReusedPasswordsReportComponent,
-        OrgRotateApiKeyComponent,
        OrgSettingComponent,
        OrgToolsComponent,
        OrgTwoFactorSetupComponent,
@@ -347,8 +400,12 @@ registerLocaleData(localeZhTw, 'zh-TW');
        SearchCiphersPipe,
        SearchPipe,
        SelectCopyDirective,
+        SendAddEditComponent,
+        SendComponent,
+        SendInfoComponent,
        SettingsComponent,
        ShareComponent,
+        SsoComponent,
        StopClickDirective,
        StopPropDirective,
        TaxInfoComponent,
@@ -361,8 +418,8 @@ registerLocaleData(localeZhTw, 'zh-TW');
        TwoFactorOptionsComponent,
        TwoFactorRecoveryComponent,
        TwoFactorSetupComponent,
-        TwoFactorU2fComponent,
        TwoFactorVerifyComponent,
+        TwoFactorWebAuthnComponent,
        TwoFactorYubiKeyComponent,
        UnsecuredWebsitesReportComponent,
        UpdateKeyComponent,
@@ -378,7 +435,9 @@ registerLocaleData(localeZhTw, 'zh-TW');
    ],
    entryComponents: [
        AddEditComponent,
+        ApiKeyComponent,
        AttachmentsComponent,
+        BulkActionsComponent,
        BulkDeleteComponent,
        BulkMoveComponent,
        BulkRestoreComponent,
@@ -387,34 +446,42 @@ registerLocaleData(localeZhTw, 'zh-TW');
        DeauthorizeSessionsComponent,
        DeleteAccountComponent,
        DeleteOrganizationComponent,
+        EmergencyAccessAddEditComponent,
+        EmergencyAccessAttachmentsComponent,
+        EmergencyAccessConfirmComponent,
+        EmergencyAccessTakeoverComponent,
+        EmergencyAddEditComponent,
        FolderAddEditComponent,
        ModalComponent,
        OrgAddEditComponent,
-        OrgApiKeyComponent,
        OrgAttachmentsComponent,
+        OrgBulkStatusComponent,
+        OrgBulkConfirmComponent,
+        OrgBulkRemoveComponent,
        OrgCollectionAddEditComponent,
        OrgCollectionsComponent,
        OrgEntityEventsComponent,
        OrgEntityUsersComponent,
        OrgGroupAddEditComponent,
        OrgPolicyEditComponent,
-        OrgRotateApiKeyComponent,
+        OrgResetPasswordComponent,
        OrgUserAddEditComponent,
        OrgUserConfirmComponent,
        OrgUserGroupsComponent,
        PasswordGeneratorHistoryComponent,
        PurgeVaultComponent,
+        SendAddEditComponent,
        ShareComponent,
        TwoFactorAuthenticatorComponent,
        TwoFactorDuoComponent,
        TwoFactorEmailComponent,
        TwoFactorOptionsComponent,
        TwoFactorRecoveryComponent,
-        TwoFactorU2fComponent,
+        TwoFactorWebAuthnComponent,
        TwoFactorYubiKeyComponent,
        UpdateKeyComponent,
    ],
-    providers: [],
+    providers: [DatePipe, SearchPipe],
    bootstrap: [AppComponent],
 })
 export class AppModule { }
--- a/src/app/components/avatar.component.ts
+++ b/src/app/components/avatar.component.ts
@@ -6,10 +6,10 @@ import {
 } from '@angular/core';
 import { DomSanitizer } from '@angular/platform-browser';

-import { CryptoFunctionService } from 'jslib/abstractions/cryptoFunction.service';
-import { StateService } from 'jslib/abstractions/state.service';
+import { CryptoFunctionService } from 'jslib-common/abstractions/cryptoFunction.service';
+import { StateService } from 'jslib-common/abstractions/state.service';

-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

@Component({
    selector: 'app-avatar',
--- a/src/app/components/password-strength.component.ts
+++ b/src/app/components/password-strength.component.ts
@@ -4,7 +4,7 @@ import {
    OnChanges,
 } from '@angular/core';

-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

@Component({
    selector: 'app-password-strength',
--- a/src/app/dummy.module.ts
+++ b/src/app/dummy.module.ts
@@ -1,12 +0,0 @@
-import { NgModule } from '@angular/core';
-
-import { ModalComponent } from 'jslib/angular/components/modal.component';
-
-@NgModule({
-    imports: [],
-    declarations: [
-        ModalComponent,
-    ],
-})
-export class DummyModule {
-}
--- a/src/app/layouts/footer.component.ts
+++ b/src/app/layouts/footer.component.ts
@@ -3,7 +3,7 @@ import {
    OnInit,
 } from '@angular/core';

-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

@Component({
    selector: 'app-footer',
@@ -15,8 +15,8 @@ export class FooterComponent implements OnInit {

    constructor(private platformUtilsService: PlatformUtilsService) { }

-    ngOnInit() {
+    async ngOnInit() {
        this.year = new Date().getFullYear().toString();
-        this.version = this.platformUtilsService.getApplicationVersion();
+        this.version = await this.platformUtilsService.getApplicationVersion();
    }
 }
--- a/src/app/layouts/frontend-layout.component.ts
+++ b/src/app/layouts/frontend-layout.component.ts
@@ -4,7 +4,7 @@ import {
    OnInit,
 } from '@angular/core';

-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

@Component({
    selector: 'app-frontend-layout',
@@ -16,9 +16,9 @@ export class FrontendLayoutComponent implements OnInit, OnDestroy {

    constructor(private platformUtilsService: PlatformUtilsService) { }

-    ngOnInit() {
+    async ngOnInit() {
        this.year = new Date().getFullYear().toString();
-        this.version = this.platformUtilsService.getApplicationVersion();
+        this.version = await this.platformUtilsService.getApplicationVersion();
        document.body.classList.add('layout_frontend');
    }

--- a/src/app/layouts/navbar.component.html
+++ b/src/app/layouts/navbar.component.html
@@ -8,6 +8,9 @@
                <li class="nav-item" routerLinkActive="active">
                    <a class="nav-link" routerLink="/vault">{{'myVault' | i18n}}</a>
                </li>
+                <li class="nav-item" routerLinkActive="active">
+                    <a class="nav-link" routerLink="/sends">{{'send' | i18n}}</a>
+                </li>
                <li class="nav-item" routerLinkActive="active">
                    <a class="nav-link" routerLink="/tools">{{'tools' | i18n}}</a>
                </li>
@@ -39,7 +42,7 @@
                        <i class="fa fa-fw fa-question-circle" aria-hidden="true"></i>
                        {{'getHelp' | i18n}}
                    </a>
-                    <a class="dropdown-item" href="https://bitwarden.com#download" target="_blank" rel="noopener">
+                    <a class="dropdown-item" href="https://bitwarden.com/download/" target="_blank" rel="noopener">
                        <i class="fa fa-fw fa-download" aria-hidden="true"></i>
                        {{'getApps' | i18n}}
                    </a>
--- a/src/app/layouts/navbar.component.ts
+++ b/src/app/layouts/navbar.component.ts
@@ -3,9 +3,9 @@ import {
    OnInit,
 } from '@angular/core';

-import { MessagingService } from 'jslib/abstractions/messaging.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { TokenService } from 'jslib/abstractions/token.service';
+import { MessagingService } from 'jslib-common/abstractions/messaging.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { TokenService } from 'jslib-common/abstractions/token.service';

@Component({
    selector: 'app-navbar',
--- a/src/app/layouts/organization-layout.component.html
+++ b/src/app/layouts/organization-layout.component.html
@@ -1,45 +1,56 @@
 <app-navbar></app-navbar>
 <div class="org-nav" *ngIf="organization">
-    <div class="container d-flex flex-column">
-        <div class="my-auto d-flex align-items-center pl-1">
-            <app-avatar [data]="organization.name" size="45" [circle]="true"></app-avatar>
-            <div class="org-name ml-3">
-                <span>{{organization.name}}</span>
-                <small class="text-muted">{{'organization' | i18n}}</small>
-            </div>
-            <div class="ml-auto card border-danger text-danger bg-transparent" *ngIf="!organization.enabled">
-                <div class="card-body py-2">
-                    <i class="fa fa-exclamation-triangle" aria-hidden="true"></i>
-                    {{'organizationIsDisabled' | i18n}}
+    <div class="container d-flex">
+        <div class="d-flex flex-column">
+            <div class="my-auto d-flex align-items-center pl-1">
+                <app-avatar [data]="organization.name" size="45" [circle]="true"></app-avatar>
+                <div class="org-name ml-3">
+                    <span>{{organization.name}}</span>
+                    <small class="text-muted">{{'organization' | i18n}}</small>
+                </div>
+                <div class="ml-3 card border-danger text-danger bg-transparent" *ngIf="!organization.enabled">
+                    <div class="card-body py-2">
+                        <i class="fa fa-exclamation-triangle" aria-hidden="true"></i>
+                        {{'organizationIsDisabled' | i18n}}
+                    </div>
                </div>
            </div>
+            <ul class="nav nav-tabs" *ngIf="showMenuBar">
+                <li class="nav-item">
+                    <a class="nav-link" routerLink="vault" routerLinkActive="active">
+                        <i class="fa fa-lock" aria-hidden="true"></i>
+                        {{'vault' | i18n}}
+                    </a>
+                </li>
+                <li class="nav-item" *ngIf="showManageTab">
+                    <a class="nav-link" [routerLink]="manageRoute" routerLinkActive="active">
+                        <i class="fa fa-sliders" aria-hidden="true"></i>
+                        {{'manage' | i18n}}
+                    </a>
+                </li>
+                <li class="nav-item" *ngIf="showToolsTab">
+                    <a class="nav-link" [routerLink]="toolsRoute" routerLinkActive="active">
+                        <i class="fa fa-wrench" aria-hidden="true"></i>
+                        {{'tools' | i18n}}
+                    </a>
+                </li>
+                <li class="nav-item" *ngIf="organization.isOwner">
+                    <a class="nav-link" routerLink="settings" routerLinkActive="active">
+                        <i class="fa fa-cogs" aria-hidden="true"></i>
+                        {{'settings' | i18n}}
+                    </a>
+                </li>
+            </ul>
+        </div>
+        <div class="ml-auto d-flex align-items-center">
+            <button class="btn btn-primary" (click)="goToBusinessPortal()" #businessBtn
+                [appApiAction]="businessTokenPromise" *ngIf="showBusinessPortalButton">
+                <i class="fa fa-bank fa-fw" [hidden]="businessBtn.loading" aria-hidden="true"></i>
+                <i class="fa fa-spinner fa-spin fa-fw" [hidden]="!businessBtn.loading" title="{{'loading' | i18n}}"
+                    aria-hidden="true"></i>
+                {{'businessPortal' | i18n}} →
+            </button>
        </div>
-        <ul class="nav nav-tabs" *ngIf="organization.isManager">
-            <li class="nav-item">
-                <a class="nav-link" routerLink="vault" routerLinkActive="active">
-                    <i class="fa fa-lock" aria-hidden="true"></i>
-                    {{'vault' | i18n}}
-                </a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" routerLink="manage" routerLinkActive="active">
-                    <i class="fa fa-sliders" aria-hidden="true"></i>
-                    {{'manage' | i18n}}
-                </a>
-            </li>
-            <li class="nav-item" *ngIf="organization.isAdmin">
-                <a class="nav-link" routerLink="tools" routerLinkActive="active">
-                    <i class="fa fa-wrench" aria-hidden="true"></i>
-                    {{'tools' | i18n}}
-                </a>
-            </li>
-            <li class="nav-item" *ngIf="organization.isOwner">
-                <a class="nav-link" routerLink="settings" routerLinkActive="active">
-                    <i class="fa fa-cogs" aria-hidden="true"></i>
-                    {{'settings' | i18n}}
-                </a>
-            </li>
-        </ul>
    </div>
 </div>
 <router-outlet></router-outlet>
--- a/src/app/layouts/organization-layout.component.ts
+++ b/src/app/layouts/organization-layout.component.ts
@@ -4,14 +4,17 @@ import {
    OnDestroy,
    OnInit,
 } from '@angular/core';
+
 import { ActivatedRoute } from '@angular/router';

-import { BroadcasterService } from 'jslib/angular/services/broadcaster.service';
+import { BroadcasterService } from 'jslib-angular/services/broadcaster.service';

-import { EnvironmentService } from 'jslib/abstractions/environment.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { Organization } from 'jslib/models/domain/organization';
+import { Organization } from 'jslib-common/models/domain/organization';

 const BroadcasterSubscriptionId = 'OrganizationLayoutComponent';

@@ -21,28 +24,28 @@ const BroadcasterSubscriptionId = 'OrganizationLayoutComponent';
 })
 export class OrganizationLayoutComponent implements OnInit, OnDestroy {
    organization: Organization;
-
+    businessTokenPromise: Promise<any>;
    private organizationId: string;
-    private enterpriseUrl: string;
+    private businessUrl: string;

    constructor(private route: ActivatedRoute, private userService: UserService,
-        private broadcasterService: BroadcasterService, private environmentService: EnvironmentService,
-        private ngZone: NgZone) { }
+        private broadcasterService: BroadcasterService, private ngZone: NgZone,
+        private apiService: ApiService, private platformUtilsService: PlatformUtilsService,
+        private environmentService: EnvironmentService) { }

    ngOnInit() {
-        this.enterpriseUrl = 'https://enterprise.bitwarden.com';
+        this.businessUrl = 'https://portal.bitwarden.com';
        if (this.environmentService.enterpriseUrl != null) {
-            this.enterpriseUrl = this.environmentService.enterpriseUrl;
+            this.businessUrl = this.environmentService.enterpriseUrl;
        } else if (this.environmentService.baseUrl != null) {
-            this.enterpriseUrl = this.environmentService.baseUrl + '/enterprise';
+            this.businessUrl = this.environmentService.baseUrl + '/portal';
        }

        document.body.classList.remove('layout_frontend');
-        this.route.params.subscribe(async (params) => {
+        this.route.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            await this.load();
        });
-
        this.broadcasterService.subscribe(BroadcasterSubscriptionId, (message: any) => {
            this.ngZone.run(async () => {
                switch (message.command) {
@@ -61,4 +64,69 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
    async load() {
        this.organization = await this.userService.getOrganization(this.organizationId);
    }
+
+    async goToBusinessPortal() {
+        if (this.businessTokenPromise != null) {
+            return;
+        }
+        try {
+            this.businessTokenPromise = this.apiService.getEnterprisePortalSignInToken();
+            const token = await this.businessTokenPromise;
+            if (token != null) {
+                const userId = await this.userService.getUserId();
+                this.platformUtilsService.launchUri(this.businessUrl + '/login?userId=' + userId +
+                    '&token=' + (window as any).encodeURIComponent(token) + '&organizationId=' + this.organization.id);
+            }
+        } catch { }
+        this.businessTokenPromise = null;
+    }
+
+    get showMenuBar() {
+        return this.showManageTab || this.showToolsTab || this.organization.isOwner;
+    }
+
+    get showManageTab(): boolean {
+        return this.organization.canManageUsers ||
+            this.organization.canManageAssignedCollections ||
+            this.organization.canManageAllCollections ||
+            this.organization.canManageGroups ||
+            this.organization.canManagePolicies ||
+            this.organization.canAccessEventLogs;
+    }
+
+    get showToolsTab(): boolean {
+        return this.organization.canAccessImportExport || this.organization.canAccessReports;
+    }
+
+    get showBusinessPortalButton(): boolean {
+        return this.organization.useBusinessPortal && this.organization.canAccessBusinessPortal;
+    }
+
+    get toolsRoute(): string {
+        return this.organization.canAccessImportExport ?
+            'tools/import' :
+            'tools/exposed-passwords-report';
+    }
+
+    get manageRoute(): string {
+        let route: string;
+        switch (true) {
+            case this.organization.canManageUsers:
+                route = 'manage/people';
+                break;
+            case this.organization.canManageAssignedCollections || this.organization.canManageAllCollections:
+                route = 'manage/collections';
+                break;
+            case this.organization.canManageGroups:
+                route = 'manage/groups';
+                break;
+            case this.organization.canManagePolicies:
+                route = 'manage/policies';
+                break;
+            case this.organization.canAccessEventLogs:
+                route = 'manage/events';
+                break;
+        }
+        return route;
+    }
 }
--- a/src/app/modal.component.ts
+++ b/src/app/modal.component.ts
@@ -7,10 +7,10 @@ import {
    ViewContainerRef,
 } from '@angular/core';

-import { ModalComponent as BaseModalComponent } from 'jslib/angular/components/modal.component';
-import { Utils } from 'jslib/misc/utils';
+import { ModalComponent as BaseModalComponent } from 'jslib-angular/components/modal.component';
+import { Utils } from 'jslib-common/misc/utils';

-import { MessagingService } from 'jslib/abstractions/messaging.service';
+import { MessagingService } from 'jslib-common/abstractions/messaging.service';

@Component({
    selector: 'app-modal',
--- a/src/app/organizations/manage/bulk/bulk-confirm.component.html
+++ b/src/app/organizations/manage/bulk/bulk-confirm.component.html
@@ -0,0 +1,100 @@
+<div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="bulkTitle">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h2 class="modal-title" id="bulkTitle">
+                    {{'confirmUsers' | i18n}}
+                </h2>
+                <button type="button" class="close" data-dismiss="modal" appA11yTitle="{{'close' | i18n}}">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+            </div>
+            <div class="modal-body">
+                <div class="card-body text-center" *ngIf="loading">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    {{'loading' | i18n}}
+                </div>
+                <app-callout type="danger" *ngIf="filteredUsers.length <= 0">
+                    {{'noSelectedUsersApplicable' | i18n}}
+                </app-callout>
+                <app-callout type="error" *ngIf="error">
+                    {{error}}
+                </app-callout>
+                <ng-container *ngIf="!loading && !done">
+                    <p>
+                        {{'fingerprintEnsureIntegrityVerify' | i18n}}
+                        <a href="https://help.bitwarden.com/article/fingerprint-phrase/" target="_blank" rel="noopener">
+                            {{'learnMore' | i18n}}</a>
+                    </p>
+                    <table class="table table-hover table-list">
+                        <thead>
+                            <tr>
+                                <th colspan="2">{{'user' | i18n}}</th>
+                                <th>{{'fingerprint' | i18n}}</th>
+                            </tr>
+                        </thead>
+                        <tr *ngFor="let user of filteredUsers">
+                            <td width="30">
+                                <app-avatar [data]="user.name || user.email" [email]="user.email" size="25" [circle]="true"
+                                    [fontSize]="14"></app-avatar>
+                            </td>
+                            <td>
+                                {{user.email}}
+                                <small class="text-muted d-block" *ngIf="user.name">{{user.name}}</small>
+                            </td>
+                            <td>
+                                {{fingerprints.get(user.id)}}
+                            </td>
+                        </tr>
+                        <tr *ngFor="let user of excludedUsers">
+                            <td width="30">
+                                <app-avatar [data]="user.name || user.email" [email]="user.email" size="25" [circle]="true"
+                                    [fontSize]="14"></app-avatar>
+                            </td>
+                            <td>
+                                {{user.email}}
+                                <small class="text-muted d-block" *ngIf="user.name">{{user.name}}</small>
+                            </td>
+                            <td>
+                                {{'bulkFilteredMessage' | i18n}}
+                            </td>
+                        </tr>
+                    </table>
+                </ng-container>
+                <ng-container *ngIf="!loading && done">
+                    <table class="table table-hover table-list">
+                        <thead>
+                            <tr>
+                                <th colspan="2">{{'user' | i18n}}</th>
+                                <th>{{'status' | i18n}}</th>
+                            </tr>
+                        </thead>
+                        <tr *ngFor="let user of filteredUsers">
+                            <td width="30">
+                                <app-avatar [data]="user.name || user.email" [email]="user.email" size="25" [circle]="true"
+                                    [fontSize]="14"></app-avatar>
+                            </td>
+                            <td>
+                                {{user.email}}
+                                <small class="text-muted d-block" *ngIf="user.name">{{user.name}}</small>
+                            </td>
+                            <td *ngIf="statuses.has(user.id)">
+                                {{statuses.get(user.id)}}
+                            </td>
+                            <td *ngIf="!statuses.has(user.id)">
+                                {{'bulkFilteredMessage' | i18n}}
+                            </td>
+                        </tr>
+                    </table>
+                </ng-container>
+            </div>
+            <div class="modal-footer">
+                <button type="submit" class="btn btn-primary btn-submit" *ngIf="!done" [disabled]="loading" (click)="submit()">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    <span>{{'confirm' | i18n}}</span>
+                </button>
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">{{'close' | i18n}}</button>
+            </div>
+        </div>
+    </div>
+</div>
--- a/src/app/organizations/manage/bulk/bulk-confirm.component.ts
+++ b/src/app/organizations/manage/bulk/bulk-confirm.component.ts
@@ -0,0 +1,95 @@
+import {
+    Component,
+    Input,
+    OnInit,
+} from '@angular/core';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+
+import { OrganizationUserBulkConfirmRequest } from 'jslib-common/models/request/organizationUserBulkConfirmRequest';
+import { OrganizationUserBulkRequest } from 'jslib-common/models/request/organizationUserBulkRequest';
+
+import { OrganizationUserUserDetailsResponse } from 'jslib-common/models/response/organizationUserResponse';
+
+import { OrganizationUserStatusType } from 'jslib-common/enums/organizationUserStatusType';
+
+import { Utils } from 'jslib-common/misc/utils';
+
+@Component({
+    selector: 'app-bulk-confirm',
+    templateUrl: 'bulk-confirm.component.html',
+})
+export class BulkConfirmComponent implements OnInit {
+
+    @Input() organizationId: string;
+    @Input() users: OrganizationUserUserDetailsResponse[];
+
+    excludedUsers: OrganizationUserUserDetailsResponse[];
+    filteredUsers: OrganizationUserUserDetailsResponse[];
+    publicKeys: Map<string, Uint8Array> = new Map();
+    fingerprints: Map<string, string> = new Map();
+    statuses: Map<string, string> = new Map();
+
+    loading: boolean = true;
+    done: boolean = false;
+    error: string;
+
+    constructor(private cryptoService: CryptoService, private apiService: ApiService,
+      private i18nService: I18nService) { }
+
+    async ngOnInit() {
+        this.excludedUsers = this.users.filter(user => user.status !== OrganizationUserStatusType.Accepted);
+        this.filteredUsers = this.users.filter(user => user.status === OrganizationUserStatusType.Accepted);
+
+        if (this.filteredUsers.length <= 0) {
+            this.done = true;
+        }
+
+        const request = new OrganizationUserBulkRequest(this.filteredUsers.map(user => user.id));
+        const response = await this.apiService.postOrganizationUsersPublicKey(this.organizationId, request);
+
+        for (const entry of response.data) {
+            const publicKey = Utils.fromB64ToArray(entry.key);
+            const fingerprint = await this.cryptoService.getFingerprint(entry.id, publicKey.buffer);
+            if (fingerprint != null) {
+                this.publicKeys.set(entry.id, publicKey);
+                this.fingerprints.set(entry.id, fingerprint.join('-'));
+            }
+        }
+
+        this.loading = false;
+    }
+
+    async submit() {
+        this.loading = true;
+        try {
+            const orgKey = await this.cryptoService.getOrgKey(this.organizationId);
+            const userIdsWithKeys: any[] = [];
+            for (const user of this.filteredUsers) {
+                const publicKey = this.publicKeys.get(user.id);
+                if (publicKey == null) {
+                    continue;
+                }
+                const key = await this.cryptoService.rsaEncrypt(orgKey.key, publicKey.buffer);
+                userIdsWithKeys.push({
+                    id: user.id,
+                    key: key.encryptedString,
+                });
+            }
+            const request = new OrganizationUserBulkConfirmRequest(userIdsWithKeys);
+            const response = await this.apiService.postOrganizationUserBulkConfirm(this.organizationId, request);
+
+            response.data.forEach(entry => {
+                const error = entry.error !== '' ? entry.error : this.i18nService.t('bulkConfirmMessage');
+                this.statuses.set(entry.id, error);
+            });
+
+            this.done = true;
+        } catch (e) {
+            this.error = e.message;
+        }
+        this.loading = false;
+    }
+}
--- a/src/app/organizations/manage/bulk/bulk-remove.component.html
+++ b/src/app/organizations/manage/bulk/bulk-remove.component.html
@@ -0,0 +1,81 @@
+<div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="bulkTitle">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h2 class="modal-title" id="bulkTitle">
+                    {{'removeUsers' | i18n}}
+                </h2>
+                <button type="button" class="close" data-dismiss="modal" appA11yTitle="{{'close' | i18n}}">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+            </div>
+            <div class="modal-body">
+                <div class="card-body text-center" *ngIf="loading">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    {{'loading' | i18n}}
+                </div>
+                <app-callout type="danger" *ngIf="users.length <= 0">
+                    {{'noSelectedUsersApplicable' | i18n}}
+                </app-callout>
+                <app-callout type="error" *ngIf="error">
+                    {{error}}
+                </app-callout>
+                <ng-container *ngIf="!loading && !done">
+                    <app-callout type="warning" *ngIf="users.length > 0 && !error">
+                        {{'removeUsersWarning' | i18n}}
+                    </app-callout>
+                    <table class="table table-hover table-list">
+                        <thead>
+                            <tr>
+                                <th colspan="2">{{'user' | i18n}}</th>
+                            </tr>
+                        </thead>
+                        <tr *ngFor="let user of users">
+                            <td width="30">
+                                <app-avatar [data]="user.name || user.email" [email]="user.email" size="25" [circle]="true"
+                                    [fontSize]="14"></app-avatar>
+                            </td>
+                            <td>
+                                {{user.email}}
+                                <small class="text-muted d-block" *ngIf="user.name">{{user.name}}</small>
+                            </td>
+                        </tr>
+                    </table>
+                </ng-container>
+                <ng-container *ngIf="!loading && done">
+                    <table class="table table-hover table-list">
+                        <thead>
+                            <tr>
+                                <th colspan="2">{{'user' | i18n}}</th>
+                                <th>{{'status' | i18n}}</th>
+                            </tr>
+                        </thead>
+                        <tr *ngFor="let user of users">
+                            <td width="30">
+                                <app-avatar [data]="user.name || user.email" [email]="user.email" size="25" [circle]="true"
+                                    [fontSize]="14"></app-avatar>
+                            </td>
+                            <td>
+                                {{user.email}}
+                                <small class="text-muted d-block" *ngIf="user.name">{{user.name}}</small>
+                            </td>
+                            <td *ngIf="statuses.has(user.id)">
+                                {{statuses.get(user.id)}}
+                            </td>
+                            <td *ngIf="!statuses.has(user.id)">
+                                {{'bulkFilteredMessage' | i18n}}
+                            </td>
+                        </tr>
+                    </table>
+                </ng-container>
+            </div>
+            <div class="modal-footer">
+                <button type="submit" class="btn btn-primary btn-submit" *ngIf="!done && users.length > 0" [disabled]="loading" (click)="submit()">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    <span>{{'removeUsers' | i18n}}</span>
+                </button>
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">{{'close' | i18n}}</button>
+            </div>
+        </div>
+    </div>
+</div>
--- a/src/app/organizations/manage/bulk/bulk-remove.component.ts
+++ b/src/app/organizations/manage/bulk/bulk-remove.component.ts
@@ -0,0 +1,46 @@
+import {
+    Component,
+    Input,
+} from '@angular/core';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { OrganizationUserBulkRequest } from 'jslib-common/models/request/organizationUserBulkRequest';
+
+import { OrganizationUserUserDetailsResponse } from 'jslib-common/models/response/organizationUserResponse';
+
+@Component({
+    selector: 'app-bulk-remove',
+    templateUrl: 'bulk-remove.component.html',
+})
+export class BulkRemoveComponent {
+
+    @Input() organizationId: string;
+    @Input() users: OrganizationUserUserDetailsResponse[];
+
+    statuses: Map<string, string> = new Map();
+
+    loading: boolean = false;
+    done: boolean = false;
+    error: string;
+
+    constructor(private apiService: ApiService, private i18nService: I18nService) { }
+
+    async submit() {
+        this.loading = true;
+        try {
+            const request = new OrganizationUserBulkRequest(this.users.map(user => user.id));
+            const response = await this.apiService.deleteManyOrganizationUsers(this.organizationId, request);
+
+            response.data.forEach(entry => {
+                const error = entry.error !== '' ? entry.error : this.i18nService.t('bulkRemovedMessage');
+                this.statuses.set(entry.id, error);
+            });
+            this.done = true;
+        } catch (e) {
+            this.error = e.message;
+        }
+
+        this.loading = false;
+    }
+}
--- a/src/app/organizations/manage/bulk/bulk-status.component.html
+++ b/src/app/organizations/manage/bulk/bulk-status.component.html
@@ -0,0 +1,47 @@
+<div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="bulkTitle">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h2 class="modal-title" id="bulkTitle">
+                    {{'bulkConfirmStatus' | i18n}}
+                </h2>
+                <button type="button" class="close" data-dismiss="modal" appA11yTitle="{{'close' | i18n}}">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+            </div>
+            <div class="modal-body">
+                <div class="card-body text-center" *ngIf="loading">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    {{'loading' | i18n}}
+                </div>
+                <table class="table table-hover table-list" *ngIf="!loading">
+                    <thead>
+                        <tr>
+                            <th colspan="2">{{'user' | i18n}}</th>
+                            <th>{{'status' | i18n}}</th>
+                        </tr>
+                    </thead>
+                    <tr *ngFor="let item of users">
+                        <td width="30">
+                            <app-avatar [data]="item.user.name || item.user.email" [email]="item.user.email" size="25" [circle]="true"
+                                [fontSize]="14"></app-avatar>
+                        </td>
+                        <td>
+                            {{item.user.email}}
+                            <small class="text-muted d-block" *ngIf="item.user.name">{{item.user.name}}</small>
+                        </td>
+                        <td class="text-danger" *ngIf="item.error">
+                            {{item.message}}
+                        </td>
+                        <td *ngIf="!item.error">
+                            {{item.message}}
+                        </td>
+                    </tr>
+                </table>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">{{'close' | i18n}}</button>
+            </div>
+        </div>
+    </div>
+</div>
--- a/src/app/organizations/manage/bulk/bulk-status.component.ts
+++ b/src/app/organizations/manage/bulk/bulk-status.component.ts
@@ -0,0 +1,20 @@
+import { Component } from '@angular/core';
+
+import { OrganizationUserUserDetailsResponse } from 'jslib-common/models/response/organizationUserResponse';
+
+type BulkStatusEntry = {
+    user: OrganizationUserUserDetailsResponse,
+    error: boolean,
+    message: string,
+};
+
+@Component({
+    selector: 'app-bulk-status',
+    templateUrl: 'bulk-status.component.html',
+})
+export class BulkStatusComponent {
+
+    users: BulkStatusEntry[];
+    loading: boolean = false;
+
+}
--- a/src/app/organizations/manage/collection-add-edit.component.html
+++ b/src/app/organizations/manage/collection-add-edit.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="collectionAddEditTitle">
-    <div class="modal-dialog" role="document">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="collectionAddEditTitle">{{title}}</h2>
@@ -14,7 +14,8 @@
            <div class="modal-body" *ngIf="!loading">
                <div class="form-group">
                    <label for="name">{{'name' | i18n}}</label>
-                    <input id="name" class="form-control" type="text" name="Name" [(ngModel)]="name" required>
+                    <input id="name" class="form-control" type="text" name="Name" [(ngModel)]="name" required
+                        appAutofocus>
                </div>
                <div class="form-group">
                    <label for="externalId">{{'externalId' | i18n}}</label>
--- a/src/app/organizations/manage/collection-add-edit.component.ts
+++ b/src/app/organizations/manage/collection-add-edit.component.ts
@@ -7,21 +7,20 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { CipherString } from 'jslib/models/domain/cipherString';
-import { SymmetricCryptoKey } from 'jslib/models/domain/symmetricCryptoKey';
-import { CollectionRequest } from 'jslib/models/request/collectionRequest';
-import { SelectionReadOnlyRequest } from 'jslib/models/request/selectionReadOnlyRequest';
-import { GroupResponse } from 'jslib/models/response/groupResponse';
+import { EncString } from 'jslib-common/models/domain/encString';
+import { SymmetricCryptoKey } from 'jslib-common/models/domain/symmetricCryptoKey';
+import { CollectionRequest } from 'jslib-common/models/request/collectionRequest';
+import { SelectionReadOnlyRequest } from 'jslib-common/models/request/selectionReadOnlyRequest';
+import { GroupResponse } from 'jslib-common/models/response/groupResponse';

-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

@Component({
    selector: 'app-collection-add-edit',
@@ -46,9 +45,8 @@ export class CollectionAddEditComponent implements OnInit {
    private orgKey: SymmetricCryptoKey;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private platformUtilsService: PlatformUtilsService, private cryptoService: CryptoService,
-        private userService: UserService) { }
+        private toasterService: ToasterService, private platformUtilsService: PlatformUtilsService,
+        private cryptoService: CryptoService, private userService: UserService) { }

    async ngOnInit() {
        const organization = await this.userService.getOrganization(this.organizationId);
@@ -56,7 +54,7 @@ export class CollectionAddEditComponent implements OnInit {
        this.editMode = this.loading = this.collectionId != null;
        if (this.accessGroups) {
            const groupsResponse = await this.apiService.getGroups(this.organizationId);
-            this.groups = groupsResponse.data.map((r) => r).sort(Utils.getSortFunction(this.i18nService, 'name'));
+            this.groups = groupsResponse.data.map(r => r).sort(Utils.getSortFunction(this.i18nService, 'name'));
        }
        this.orgKey = await this.cryptoService.getOrgKey(this.organizationId);

@@ -65,11 +63,11 @@ export class CollectionAddEditComponent implements OnInit {
            this.title = this.i18nService.t('editCollection');
            try {
                const collection = await this.apiService.getCollectionDetails(this.organizationId, this.collectionId);
-                this.name = await this.cryptoService.decryptToUtf8(new CipherString(collection.name), this.orgKey);
+                this.name = await this.cryptoService.decryptToUtf8(new EncString(collection.name), this.orgKey);
                this.externalId = collection.externalId;
                if (collection.groups != null && this.groups.length > 0) {
-                    collection.groups.forEach((s) => {
-                        const group = this.groups.filter((g) => !g.accessAll && g.id === s.id);
+                    collection.groups.forEach(s => {
+                        const group = this.groups.filter(g => !g.accessAll && g.id === s.id);
                        if (group != null && group.length > 0) {
                            (group[0] as any).checked = true;
                            (group[0] as any).readOnly = s.readOnly;
@@ -82,7 +80,7 @@ export class CollectionAddEditComponent implements OnInit {
            this.title = this.i18nService.t('addCollection');
        }

-        this.groups.forEach((g) => {
+        this.groups.forEach(g => {
            if (g.accessAll) {
                (g as any).checked = true;
            }
@@ -103,7 +101,7 @@ export class CollectionAddEditComponent implements OnInit {
    }

    selectAll(select: boolean) {
-        this.groups.forEach((g) => this.check(g, select));
+        this.groups.forEach(g => this.check(g, select));
    }

    async submit() {
@@ -114,8 +112,8 @@ export class CollectionAddEditComponent implements OnInit {
        const request = new CollectionRequest();
        request.name = (await this.cryptoService.encrypt(this.name, this.orgKey)).encryptedString;
        request.externalId = this.externalId;
-        request.groups = this.groups.filter((g) => (g as any).checked && !g.accessAll)
-            .map((g) => new SelectionReadOnlyRequest(g.id, !!(g as any).readOnly, !!(g as any).hidePasswords));
+        request.groups = this.groups.filter(g => (g as any).checked && !g.accessAll)
+            .map(g => new SelectionReadOnlyRequest(g.id, !!(g as any).readOnly, !!(g as any).hidePasswords));

        try {
            if (this.editMode) {
@@ -124,7 +122,6 @@ export class CollectionAddEditComponent implements OnInit {
                this.formPromise = this.apiService.postCollection(this.organizationId, request);
            }
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: this.editMode ? 'Edited Collection' : 'Created Collection' });
            this.toasterService.popAsync('success', null,
                this.i18nService.t(this.editMode ? 'editedCollectionId' : 'createdCollectionId', this.name));
            this.onSavedCollection.emit();
@@ -146,7 +143,6 @@ export class CollectionAddEditComponent implements OnInit {
        try {
            this.deletePromise = this.apiService.deleteCollection(this.organizationId, this.collectionId);
            await this.deletePromise;
-            this.analytics.eventTrack.next({ action: 'Deleted Collection' });
            this.toasterService.popAsync('success', null, this.i18nService.t('deletedCollectionId', this.name));
            this.onDeletedCollection.emit();
        } catch { }
--- a/src/app/organizations/manage/collections.component.ts
+++ b/src/app/organizations/manage/collections.component.ts
@@ -8,23 +8,22 @@ import {
 import { ActivatedRoute } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CollectionService } from 'jslib/abstractions/collection.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { SearchService } from 'jslib/abstractions/search.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CollectionService } from 'jslib-common/abstractions/collection.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { SearchService } from 'jslib-common/abstractions/search.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { CollectionData } from 'jslib/models/data/collectionData';
-import { Collection } from 'jslib/models/domain/collection';
+import { CollectionData } from 'jslib-common/models/data/collectionData';
+import { Collection } from 'jslib-common/models/domain/collection';
 import {
    CollectionDetailsResponse,
    CollectionResponse,
-} from 'jslib/models/response/collectionResponse';
-import { ListResponse } from 'jslib/models/response/listResponse';
-import { CollectionView } from 'jslib/models/view/collectionView';
+} from 'jslib-common/models/response/collectionResponse';
+import { ListResponse } from 'jslib-common/models/response/listResponse';
+import { CollectionView } from 'jslib-common/models/view/collectionView';

 import { ModalComponent } from '../../modal.component';
 import { CollectionAddEditComponent } from './collection-add-edit.component';
@@ -35,8 +34,8 @@ import { EntityUsersComponent } from './entity-users.component';
    templateUrl: 'collections.component.html',
 })
 export class CollectionsComponent implements OnInit {
-    @ViewChild('addEdit', { read: ViewContainerRef }) addEditModalRef: ViewContainerRef;
-    @ViewChild('usersTemplate', { read: ViewContainerRef }) usersModalRef: ViewContainerRef;
+    @ViewChild('addEdit', { read: ViewContainerRef, static: true }) addEditModalRef: ViewContainerRef;
+    @ViewChild('usersTemplate', { read: ViewContainerRef, static: true }) usersModalRef: ViewContainerRef;

    loading = true;
    organizationId: string;
@@ -52,15 +51,15 @@ export class CollectionsComponent implements OnInit {

    constructor(private apiService: ApiService, private route: ActivatedRoute,
        private collectionService: CollectionService, private componentFactoryResolver: ComponentFactoryResolver,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private i18nService: I18nService, private platformUtilsService: PlatformUtilsService,
-        private userService: UserService, private searchService: SearchService) { }
+        private toasterService: ToasterService, private i18nService: I18nService,
+        private platformUtilsService: PlatformUtilsService, private userService: UserService,
+        private searchService: SearchService) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            await this.load();
-            const queryParamsSub = this.route.queryParams.subscribe(async (qParams) => {
+            const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
                this.searchText = qParams.search;
                if (queryParamsSub != null) {
                    queryParamsSub.unsubscribe();
@@ -72,12 +71,12 @@ export class CollectionsComponent implements OnInit {
    async load() {
        const organization = await this.userService.getOrganization(this.organizationId);
        let response: ListResponse<CollectionResponse>;
-        if (organization.isAdmin) {
+        if (organization.canManageAllCollections) {
            response = await this.apiService.getCollections(this.organizationId);
        } else {
            response = await this.apiService.getUserCollections();
        }
-        const collections = response.data.filter((c) => c.organizationId === this.organizationId).map((r) =>
+        const collections = response.data.filter(c => c.organizationId === this.organizationId).map(r =>
            new Collection(new CollectionData(r as CollectionDetailsResponse)));
        this.collections = await this.collectionService.decryptMany(collections);
        this.resetPaging();
@@ -85,7 +84,7 @@ export class CollectionsComponent implements OnInit {
    }

    loadMore() {
-        if (this.collections.length <= this.pageSize) {
+        if (!this.collections || this.collections.length <= this.pageSize) {
            return;
        }
        const pagedLength = this.pagedCollections.length;
@@ -141,7 +140,6 @@ export class CollectionsComponent implements OnInit {

        try {
            await this.apiService.deleteCollection(this.organizationId, collection.id);
-            this.analytics.eventTrack.next({ action: 'Deleted Collection' });
            this.toasterService.popAsync('success', null, this.i18nService.t('deletedCollectionId', collection.name));
            this.removeCollection(collection);
        } catch { }
@@ -185,7 +183,7 @@ export class CollectionsComponent implements OnInit {
        if (searching && this.didScroll) {
            this.resetPaging();
        }
-        return !searching && this.collections.length > this.pageSize;
+        return !searching && this.collections && this.collections.length > this.pageSize;
    }

    private removeCollection(collection: CollectionView) {
--- a/src/app/organizations/manage/entity-events.component.html
+++ b/src/app/organizations/manage/entity-events.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="eventLogsTitle">
-    <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
        <div class="modal-content">
            <div class="modal-header">
                <h2 class="modal-title" id="eventLogsTitle">
--- a/src/app/organizations/manage/entity-events.component.ts
+++ b/src/app/organizations/manage/entity-events.component.ts
@@ -6,13 +6,13 @@ import {

 import { ToasterService } from 'angular2-toaster';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

 import { EventService } from '../../services/event.service';

-import { EventResponse } from 'jslib/models/response/eventResponse';
-import { ListResponse } from 'jslib/models/response/listResponse';
+import { EventResponse } from 'jslib-common/models/response/eventResponse';
+import { ListResponse } from 'jslib-common/models/response/listResponse';

@Component({
    selector: 'app-entity-events',
@@ -50,7 +50,7 @@ export class EntityEventsComponent implements OnInit {
    async load() {
        if (this.showUser) {
            const response = await this.apiService.getOrganizationUsers(this.organizationId);
-            response.data.forEach((u) => {
+            response.data.forEach(u => {
                const name = u.name == null || u.name.trim() === '' ? u.email : u.name;
                this.orgUsersIdMap.set(u.id, { name: name, email: u.email });
                this.orgUsersUserIdMap.set(u.userId, { name: name, email: u.email });
@@ -94,9 +94,9 @@ export class EntityEventsComponent implements OnInit {
        } catch { }

        this.continuationToken = response.continuationToken;
-        const events = response.data.map((r) => {
+        const events = await Promise.all(response.data.map(async r => {
            const userId = r.actingUserId == null ? r.userId : r.actingUserId;
-            const eventInfo = this.eventService.getEventInfo(r);
+            const eventInfo = await this.eventService.getEventInfo(r);
            const user = this.showUser && userId != null && this.orgUsersUserIdMap.has(userId) ?
                this.orgUsersUserIdMap.get(userId) : null;
            return {
@@ -110,7 +110,7 @@ export class EntityEventsComponent implements OnInit {
                ip: r.ipAddress,
                type: r.type,
            };
-        });
+        }));

        if (!clearExisting && this.events != null && this.events.length > 0) {
            this.events = this.events.concat(events);
--- a/src/app/organizations/manage/entity-users.component.html
+++ b/src/app/organizations/manage/entity-users.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="userAccessTitle">
-    <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="userAccessTitle">
@@ -86,6 +86,7 @@
                                    <span *ngIf="u.type === organizationUserType.Admin">{{'admin' | i18n}}</span>
                                    <span *ngIf="u.type === organizationUserType.Manager">{{'manager' | i18n}}</span>
                                    <span *ngIf="u.type === organizationUserType.User">{{'user' | i18n}}</span>
+                                    <span *ngIf="u.type === organizationUserType.Custom">{{'custom' | i18n}}</span>
                                </td>
                                <td class="text-center" *ngIf="entity === 'collection'">
                                    <input type="checkbox" [(ngModel)]="u.hidePasswords"
--- a/src/app/organizations/manage/entity-users.component.ts
+++ b/src/app/organizations/manage/entity-users.component.ts
@@ -7,17 +7,16 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { OrganizationUserStatusType } from 'jslib/enums/organizationUserStatusType';
-import { OrganizationUserType } from 'jslib/enums/organizationUserType';
-import { SelectionReadOnlyRequest } from 'jslib/models/request/selectionReadOnlyRequest';
-import { OrganizationUserUserDetailsResponse } from 'jslib/models/response/organizationUserResponse';
+import { OrganizationUserStatusType } from 'jslib-common/enums/organizationUserStatusType';
+import { OrganizationUserType } from 'jslib-common/enums/organizationUserType';
+import { SelectionReadOnlyRequest } from 'jslib-common/models/request/selectionReadOnlyRequest';
+import { OrganizationUserUserDetailsResponse } from 'jslib-common/models/response/organizationUserResponse';

-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

@Component({
    selector: 'app-entity-users',
@@ -42,7 +41,7 @@ export class EntityUsersComponent implements OnInit {
    private allUsers: OrganizationUserUserDetailsResponse[] = [];

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService) { }
+        private toasterService: ToasterService) { }

    async ngOnInit() {
        await this.loadUsers();
@@ -51,7 +50,7 @@ export class EntityUsersComponent implements OnInit {

    get users() {
        if (this.showSelected) {
-            return this.allUsers.filter((u) => (u as any).checked);
+            return this.allUsers.filter(u => (u as any).checked);
        } else {
            return this.allUsers;
        }
@@ -59,12 +58,12 @@ export class EntityUsersComponent implements OnInit {

    async loadUsers() {
        const users = await this.apiService.getOrganizationUsers(this.organizationId);
-        this.allUsers = users.data.map((r) => r).sort(Utils.getSortFunction(this.i18nService, 'email'));
+        this.allUsers = users.data.map(r => r).sort(Utils.getSortFunction(this.i18nService, 'email'));
        if (this.entity === 'group') {
            const response = await this.apiService.getGroupUsers(this.organizationId, this.entityId);
            if (response != null && users.data.length > 0) {
-                response.forEach((s) => {
-                    const user = users.data.filter((u) => u.id === s);
+                response.forEach(s => {
+                    const user = users.data.filter(u => u.id === s);
                    if (user != null && user.length > 0) {
                        (user[0] as any).checked = true;
                    }
@@ -73,8 +72,8 @@ export class EntityUsersComponent implements OnInit {
        } else if (this.entity === 'collection') {
            const response = await this.apiService.getCollectionUsers(this.organizationId, this.entityId);
            if (response != null && users.data.length > 0) {
-                response.forEach((s) => {
-                    const user = users.data.filter((u) => !u.accessAll && u.id === s.id);
+                response.forEach(s => {
+                    const user = users.data.filter(u => !u.accessAll && u.id === s.id);
                    if (user != null && user.length > 0) {
                        (user[0] as any).checked = true;
                        (user[0] as any).readOnly = s.readOnly;
@@ -84,7 +83,7 @@ export class EntityUsersComponent implements OnInit {
            }
        }

-        this.allUsers.forEach((u) => {
+        this.allUsers.forEach(u => {
            if (this.entity === 'collection' && u.accessAll) {
                (u as any).checked = true;
            }
@@ -121,17 +120,14 @@ export class EntityUsersComponent implements OnInit {
    async submit() {
        try {
            if (this.entity === 'group') {
-                const selections = this.users.filter((u) => (u as any).checked).map((u) => u.id);
+                const selections = this.users.filter(u => (u as any).checked).map(u => u.id);
                this.formPromise = this.apiService.putGroupUsers(this.organizationId, this.entityId, selections);
            } else {
-                const selections = this.users.filter((u) => (u as any).checked && !u.accessAll)
-                    .map((u) => new SelectionReadOnlyRequest(u.id, !!(u as any).readOnly, !!(u as any).hidePasswords));
+                const selections = this.users.filter(u => (u as any).checked && !u.accessAll)
+                    .map(u => new SelectionReadOnlyRequest(u.id, !!(u as any).readOnly, !!(u as any).hidePasswords));
                this.formPromise = this.apiService.putCollectionUsers(this.organizationId, this.entityId, selections);
            }
            await this.formPromise;
-            this.analytics.eventTrack.next({
-                action: this.entity === 'group' ? 'Edited Group Users' : 'Edited Collection Users',
-            });
            this.toasterService.popAsync('success', null, this.i18nService.t('updatedUsers'));
            this.onEditedUsers.emit();
        } catch { }
--- a/src/app/organizations/manage/events.component.html
+++ b/src/app/organizations/manage/events.component.html
@@ -4,17 +4,29 @@
        <div class="form-inline">
            <label class="sr-only" for="start">{{'startDate' | i18n}}</label>
            <input type="datetime-local" class="form-control form-control-sm" id="start"
-                placeholder="{{'startDate' | i18n}}" [(ngModel)]="start" placeholder="YYYY-MM-DDTHH:MM">
+                placeholder="{{'startDate' | i18n}}" [(ngModel)]="start" placeholder="YYYY-MM-DDTHH:MM"
+                (change)="dirtyDates = true">
            <span class="mx-2">-</span>
            <label class="sr-only" for="end">{{'endDate' | i18n}}</label>
            <input type="datetime-local" class="form-control form-control-sm" id="end"
-                placeholder="{{'endDate' | i18n}}" [(ngModel)]="end" placeholder="YYYY-MM-DDTHH:MM">
+                placeholder="{{'endDate' | i18n}}" [(ngModel)]="end" placeholder="YYYY-MM-DDTHH:MM"
+                (change)="dirtyDates = true">
        </div>
-        <button #refreshBtn [appApiAction]="refreshPromise" type="button" class="btn btn-sm btn-outline-primary ml-3"
-            (click)="loadEvents(true)" [disabled]="loaded && refreshBtn.loading">
-            <i class="fa fa-refresh fa-fw" aria-hidden="true" [ngClass]="{'fa-spin': loaded && refreshBtn.loading}"></i>
-            {{'refresh' | i18n}}
-        </button>
+        <form #refreshForm [appApiAction]="refreshPromise" class="d-inline">
+            <button type="button" class="btn btn-sm btn-outline-primary ml-3" (click)="loadEvents(true)"
+                [disabled]="loaded && refreshForm.loading">
+                <i class="fa fa-refresh fa-fw" aria-hidden="true" [ngClass]="{'fa-spin': loaded && refreshForm.loading}"></i>
+                {{'refresh' | i18n}}
+            </button>
+        </form>
+        <form #exportForm [appApiAction]="exportPromise" class="d-inline">
+            <button type="button" class="btn btn-sm btn-outline-primary btn-submit manual ml-3"
+                [ngClass]="{loading:exportForm.loading}" (click)="exportEvents()"
+                [disabled]="loaded && exportForm.loading || dirtyDates">
+                <i class="fa fa-spinner fa-spin" aria-hidden="true"></i>
+                <span>{{'export' | i18n}}</span>
+            </button>
+        </form>
    </div>
 </div>
 <ng-container *ngIf="!loaded">
--- a/src/app/organizations/manage/events.component.ts
+++ b/src/app/organizations/manage/events.component.ts
@@ -6,15 +6,18 @@ import { ActivatedRoute, Router } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { ExportService } from 'jslib-common/abstractions/export.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { UserService } from 'jslib-common/abstractions/user.service';
+
+import { EventResponse } from 'jslib-common/models/response/eventResponse';
+import { ListResponse } from 'jslib-common/models/response/listResponse';
+import { EventView } from 'jslib-common/models/view/eventView';

 import { EventService } from '../../services/event.service';

-import { EventResponse } from 'jslib/models/response/eventResponse';
-import { ListResponse } from 'jslib/models/response/listResponse';
-
@Component({
    selector: 'app-org-events',
    templateUrl: 'events.component.html',
@@ -23,23 +26,25 @@ export class EventsComponent implements OnInit {
    loading = true;
    loaded = false;
    organizationId: string;
-    events: any[];
+    events: EventView[];
    start: string;
    end: string;
+    dirtyDates: boolean = true;
    continuationToken: string;
    refreshPromise: Promise<any>;
+    exportPromise: Promise<any>;
    morePromise: Promise<any>;

    private orgUsersUserIdMap = new Map<string, any>();
    private orgUsersIdMap = new Map<string, any>();

-    constructor(private apiService: ApiService, private route: ActivatedRoute,
-        private eventService: EventService, private i18nService: I18nService,
-        private toasterService: ToasterService, private userService: UserService,
+    constructor(private apiService: ApiService, private route: ActivatedRoute, private eventService: EventService,
+        private i18nService: I18nService, private toasterService: ToasterService, private userService: UserService,
+        private exportService: ExportService, private platformUtilsService: PlatformUtilsService,
        private router: Router) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            const organization = await this.userService.getOrganization(this.organizationId);
            if (organization == null || !organization.useEvents) {
@@ -55,7 +60,7 @@ export class EventsComponent implements OnInit {

    async load() {
        const response = await this.apiService.getOrganizationUsers(this.organizationId);
-        response.data.forEach((u) => {
+        response.data.forEach(u => {
            const name = u.name == null || u.name.trim() === '' ? u.email : u.name;
            this.orgUsersIdMap.set(u.id, { name: name, email: u.email });
            this.orgUsersUserIdMap.set(u.userId, { name: name, email: u.email });
@@ -64,41 +69,91 @@ export class EventsComponent implements OnInit {
        this.loaded = true;
    }

-    async loadEvents(clearExisting: boolean) {
-        if (this.refreshPromise != null || this.morePromise != null) {
-            return;
-        }
-
-        let dates: string[] = null;
-        try {
-            dates = this.eventService.formatDateFilters(this.start, this.end);
-        } catch (e) {
-            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
-                this.i18nService.t('invalidDateRange'));
+    async exportEvents() {
+        if (this.appApiPromiseUnfulfilled() || this.dirtyDates) {
            return;
        }

        this.loading = true;
-        let response: ListResponse<EventResponse>;
+
+        const dates = this.parseDates();
+        if (dates == null) {
+            return;
+        }
+
        try {
-            const promise = this.apiService.getEventsOrganization(this.organizationId, dates[0], dates[1],
-                clearExisting ? null : this.continuationToken);
+            this.exportPromise = this.export(dates[0], dates[1]);
+
+            await this.exportPromise;
+        } catch { }
+
+        this.exportPromise = null;
+        this.loading = false;
+    }
+
+    async loadEvents(clearExisting: boolean) {
+        if (this.appApiPromiseUnfulfilled()) {
+            return;
+        }
+
+        const dates = this.parseDates();
+        if (dates == null) {
+            return;
+        }
+
+        this.loading = true;
+        let events: EventView[] = [];
+        try {
+            const promise = this.loadAndParseEvents(dates[0], dates[1], clearExisting ? null : this.continuationToken);
            if (clearExisting) {
                this.refreshPromise = promise;
            } else {
                this.morePromise = promise;
            }
-            response = await promise;
+            const result = await promise;
+            this.continuationToken = result.continuationToken;
+            events = result.events;
        } catch { }

-        this.continuationToken = response.continuationToken;
-        const events = response.data.map((r) => {
+        if (!clearExisting && this.events != null && this.events.length > 0) {
+            this.events = this.events.concat(events);
+        } else {
+            this.events = events;
+        }
+
+        this.dirtyDates = false;
+        this.loading = false;
+        this.morePromise = null;
+        this.refreshPromise = null;
+    }
+
+    private async export(start: string, end: string) {
+        let continuationToken = this.continuationToken;
+        let events = [].concat(this.events);
+
+        while (continuationToken != null) {
+            const result = await this.loadAndParseEvents(start, end, continuationToken);
+            continuationToken = result.continuationToken;
+            events = events.concat(result.events);
+        }
+
+        const data = await this.exportService.getEventExport(events);
+        const fileName = this.exportService.getFileName('org-events', 'csv');
+        this.platformUtilsService.saveFile(window, data, { type: 'text/plain' }, fileName);
+    }
+
+    private async loadAndParseEvents(startDate: string, endDate: string, continuationToken: string) {
+        const response = await this.apiService.getEventsOrganization(this.organizationId, startDate, endDate,
+            continuationToken);
+
+        const events = await Promise.all(response.data.map(async r => {
            const userId = r.actingUserId == null ? r.userId : r.actingUserId;
-            const eventInfo = this.eventService.getEventInfo(r);
+            const eventInfo = await this.eventService.getEventInfo(r);
            const user = userId != null && this.orgUsersUserIdMap.has(userId) ?
                this.orgUsersUserIdMap.get(userId) : null;
-            return {
+            return new EventView({
                message: eventInfo.message,
+                humanReadableMessage: eventInfo.humanReadableMessage,
                appIcon: eventInfo.appIcon,
                appName: eventInfo.appName,
                userId: userId,
@@ -107,17 +162,24 @@ export class EventsComponent implements OnInit {
                date: r.date,
                ip: r.ipAddress,
                type: r.type,
-            };
-        });
+            });
+        }));
+        return { continuationToken: response.continuationToken, events: events };
+    }

-        if (!clearExisting && this.events != null && this.events.length > 0) {
-            this.events = this.events.concat(events);
-        } else {
-            this.events = events;
+    private parseDates() {
+        let dates: string[] = null;
+        try {
+            dates = this.eventService.formatDateFilters(this.start, this.end);
+        } catch (e) {
+            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('invalidDateRange'));
+            return null;
        }
+        return dates;
+    }

-        this.loading = false;
-        this.morePromise = null;
-        this.refreshPromise = null;
+    private appApiPromiseUnfulfilled() {
+        return this.refreshPromise != null || this.morePromise != null || this.exportPromise != null;
    }
 }
--- a/src/app/organizations/manage/group-add-edit.component.html
+++ b/src/app/organizations/manage/group-add-edit.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="groupAddEditTitle">
-    <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="groupAddEditTitle">{{title}}</h2>
--- a/src/app/organizations/manage/group-add-edit.component.ts
+++ b/src/app/organizations/manage/group-add-edit.component.ts
@@ -7,19 +7,18 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CollectionService } from 'jslib/abstractions/collection.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CollectionService } from 'jslib-common/abstractions/collection.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

-import { CollectionData } from 'jslib/models/data/collectionData';
-import { Collection } from 'jslib/models/domain/collection';
-import { GroupRequest } from 'jslib/models/request/groupRequest';
-import { SelectionReadOnlyRequest } from 'jslib/models/request/selectionReadOnlyRequest';
-import { CollectionDetailsResponse } from 'jslib/models/response/collectionResponse';
-import { CollectionView } from 'jslib/models/view/collectionView';
+import { CollectionData } from 'jslib-common/models/data/collectionData';
+import { Collection } from 'jslib-common/models/domain/collection';
+import { GroupRequest } from 'jslib-common/models/request/groupRequest';
+import { SelectionReadOnlyRequest } from 'jslib-common/models/request/selectionReadOnlyRequest';
+import { CollectionDetailsResponse } from 'jslib-common/models/response/collectionResponse';
+import { CollectionView } from 'jslib-common/models/view/collectionView';

@Component({
    selector: 'app-group-add-edit',
@@ -42,8 +41,8 @@ export class GroupAddEditComponent implements OnInit {
    deletePromise: Promise<any>;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private collectionService: CollectionService, private platformUtilsService: PlatformUtilsService) { }
+        private toasterService: ToasterService, private collectionService: CollectionService,
+        private platformUtilsService: PlatformUtilsService) { }

    async ngOnInit() {
        this.editMode = this.loading = this.groupId != null;
@@ -58,8 +57,8 @@ export class GroupAddEditComponent implements OnInit {
                this.name = group.name;
                this.externalId = group.externalId;
                if (group.collections != null && this.collections != null) {
-                    group.collections.forEach((s) => {
-                        const collection = this.collections.filter((c) => c.id === s.id);
+                    group.collections.forEach(s => {
+                        const collection = this.collections.filter(c => c.id === s.id);
                        if (collection != null && collection.length > 0) {
                            (collection[0] as any).checked = true;
                            collection[0].readOnly = s.readOnly;
@@ -77,7 +76,7 @@ export class GroupAddEditComponent implements OnInit {

    async loadCollections() {
        const response = await this.apiService.getCollections(this.organizationId);
-        const collections = response.data.map((r) =>
+        const collections = response.data.map(r =>
            new Collection(new CollectionData(r as CollectionDetailsResponse)));
        this.collections = await this.collectionService.decryptMany(collections);
    }
@@ -90,7 +89,7 @@ export class GroupAddEditComponent implements OnInit {
    }

    selectAll(select: boolean) {
-        this.collections.forEach((c) => this.check(c, select));
+        this.collections.forEach(c => this.check(c, select));
    }

    async submit() {
@@ -99,8 +98,8 @@ export class GroupAddEditComponent implements OnInit {
        request.externalId = this.externalId;
        request.accessAll = this.access === 'all';
        if (!request.accessAll) {
-            request.collections = this.collections.filter((c) => (c as any).checked)
-                .map((c) => new SelectionReadOnlyRequest(c.id, !!c.readOnly, !!c.hidePasswords));
+            request.collections = this.collections.filter(c => (c as any).checked)
+                .map(c => new SelectionReadOnlyRequest(c.id, !!c.readOnly, !!c.hidePasswords));
        }

        try {
@@ -110,7 +109,6 @@ export class GroupAddEditComponent implements OnInit {
                this.formPromise = this.apiService.postGroup(this.organizationId, request);
            }
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: this.editMode ? 'Edited Group' : 'Created Group' });
            this.toasterService.popAsync('success', null,
                this.i18nService.t(this.editMode ? 'editedGroupId' : 'createdGroupId', this.name));
            this.onSavedGroup.emit();
@@ -132,7 +130,6 @@ export class GroupAddEditComponent implements OnInit {
        try {
            this.deletePromise = this.apiService.deleteGroup(this.organizationId, this.groupId);
            await this.deletePromise;
-            this.analytics.eventTrack.next({ action: 'Deleted Group' });
            this.toasterService.popAsync('success', null, this.i18nService.t('deletedGroupId', this.name));
            this.onDeletedGroup.emit();
        } catch { }
--- a/src/app/organizations/manage/groups.component.ts
+++ b/src/app/organizations/manage/groups.component.ts
@@ -11,17 +11,16 @@ import {
 } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { SearchService } from 'jslib/abstractions/search.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { SearchService } from 'jslib-common/abstractions/search.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { GroupResponse } from 'jslib/models/response/groupResponse';
+import { GroupResponse } from 'jslib-common/models/response/groupResponse';

-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

 import { ModalComponent } from '../../modal.component';
 import { EntityUsersComponent } from './entity-users.component';
@@ -32,8 +31,8 @@ import { GroupAddEditComponent } from './group-add-edit.component';
    templateUrl: 'groups.component.html',
 })
 export class GroupsComponent implements OnInit {
-    @ViewChild('addEdit', { read: ViewContainerRef }) addEditModalRef: ViewContainerRef;
-    @ViewChild('usersTemplate', { read: ViewContainerRef }) usersModalRef: ViewContainerRef;
+    @ViewChild('addEdit', { read: ViewContainerRef, static: true }) addEditModalRef: ViewContainerRef;
+    @ViewChild('usersTemplate', { read: ViewContainerRef, static: true }) usersModalRef: ViewContainerRef;

    loading = true;
    organizationId: string;
@@ -49,12 +48,12 @@ export class GroupsComponent implements OnInit {

    constructor(private apiService: ApiService, private route: ActivatedRoute,
        private i18nService: I18nService, private componentFactoryResolver: ComponentFactoryResolver,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private platformUtilsService: PlatformUtilsService, private userService: UserService,
-        private router: Router, private searchService: SearchService) { }
+        private toasterService: ToasterService, private platformUtilsService: PlatformUtilsService,
+        private userService: UserService, private router: Router,
+        private searchService: SearchService) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            const organization = await this.userService.getOrganization(this.organizationId);
            if (organization == null || !organization.useGroups) {
@@ -62,7 +61,7 @@ export class GroupsComponent implements OnInit {
                return;
            }
            await this.load();
-            const queryParamsSub = this.route.queryParams.subscribe(async (qParams) => {
+            const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
                this.searchText = qParams.search;
                if (queryParamsSub != null) {
                    queryParamsSub.unsubscribe();
@@ -81,7 +80,7 @@ export class GroupsComponent implements OnInit {
    }

    loadMore() {
-        if (this.groups.length <= this.pageSize) {
+        if (!this.groups || this.groups.length <= this.pageSize) {
            return;
        }
        const pagedLength = this.pagedGroups.length;
@@ -136,7 +135,6 @@ export class GroupsComponent implements OnInit {

        try {
            await this.apiService.deleteGroup(this.organizationId, group.id);
-            this.analytics.eventTrack.next({ action: 'Deleted Group' });
            this.toasterService.popAsync('success', null, this.i18nService.t('deletedGroupId', group.name));
            this.removeGroup(group);
        } catch { }
@@ -179,7 +177,7 @@ export class GroupsComponent implements OnInit {
        if (searching && this.didScroll) {
            this.resetPaging();
        }
-        return !searching && this.groups.length > this.pageSize;
+        return !searching && this.groups && this.groups.length > this.pageSize;
    }

    private removeGroup(group: GroupResponse) {
--- a/src/app/organizations/manage/manage.component.html
+++ b/src/app/organizations/manage/manage.component.html
@@ -5,22 +5,23 @@
                <div class="card-header">{{'manage' | i18n}}</div>
                <div class="list-group list-group-flush">
                    <a routerLink="people" class="list-group-item" routerLinkActive="active"
-                        *ngIf="organization.isAdmin">
+                        *ngIf="organization.canManageUsers">
                        {{'people' | i18n}}
                    </a>
-                    <a routerLink="collections" class="list-group-item" routerLinkActive="active">
+                    <a routerLink="collections" class="list-group-item" routerLinkActive="active"
+                        *ngIf="organization.canManageAssignedCollections || organization.canManageAllCollections">
                        {{'collections' | i18n}}
                    </a>
                    <a routerLink="groups" class="list-group-item" routerLinkActive="active"
-                        *ngIf="organization.isAdmin && accessGroups">
+                        *ngIf="organization.canManageGroups && accessGroups">
                        {{'groups' | i18n}}
                    </a>
                    <a routerLink="policies" class="list-group-item" routerLinkActive="active"
-                        *ngIf="organization.isAdmin && accessPolicies">
+                        *ngIf="organization.canManagePolicies && accessPolicies">
                        {{'policies' | i18n}}
                    </a>
                    <a routerLink="events" class="list-group-item" routerLinkActive="active"
-                        *ngIf="organization.isAdmin && accessEvents">
+                        *ngIf="organization.canAccessEventLogs && accessEvents">
                        {{'eventLogs' | i18n}}
                    </a>
                </div>
--- a/src/app/organizations/manage/manage.component.ts
+++ b/src/app/organizations/manage/manage.component.ts
@@ -4,9 +4,9 @@ import {
 } from '@angular/core';
 import { ActivatedRoute } from '@angular/router';

-import { UserService } from 'jslib/abstractions/user.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { Organization } from 'jslib/models/domain/organization';
+import { Organization } from 'jslib-common/models/domain/organization';

@Component({
    selector: 'app-org-manage',
@@ -21,7 +21,7 @@ export class ManageComponent implements OnInit {
    constructor(private route: ActivatedRoute, private userService: UserService) { }

    ngOnInit() {
-        this.route.parent.params.subscribe(async (params) => {
+        this.route.parent.params.subscribe(async params => {
            this.organization = await this.userService.getOrganization(params.organizationId);
            this.accessPolicies = this.organization.usePolicies;
            this.accessEvents = this.organization.useEvents;
--- a/src/app/organizations/manage/people.component.html
+++ b/src/app/organizations/manage/people.component.html
@@ -25,6 +25,36 @@
            <input type="search" class="form-control form-control-sm" id="search" placeholder="{{'search' | i18n}}"
                [(ngModel)]="searchText">
        </div>
+        <div class="dropdown ml-3" appListDropdown>
+            <button class="btn btn-sm btn-outline-secondary dropdown-toggle" type="button" id="bulkActionsButton"
+                data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" appA11yTitle="{{'options' | i18n}}">
+                <i class="fa fa-cog" aria-hidden="true"></i>
+            </button>
+            <div class="dropdown-menu dropdown-menu-right" aria-labelledby="bulkActionsButton">
+                <button class="dropdown-item" appStopClick (click)="bulkReinvite()">
+                    <i class="fa fa-fw fa-envelope-o" aria-hidden="true"></i>
+                    {{'reinviteSelected' | i18n}}
+                </button>
+                <button class="dropdown-item text-success" appStopClick (click)="bulkConfirm()"
+                    *ngIf="showBulkConfirmUsers">
+                    <i class="fa fa-fw fa-check" aria-hidden="true"></i>
+                    {{'confirmSelected' | i18n}}
+                </button>
+                <button class="dropdown-item text-danger" appStopClick (click)="bulkRemove()">
+                    <i class="fa fa-fw fa-remove" aria-hidden="true"></i>
+                    {{'remove' | i18n}}
+                </button>
+                <div class="dropdown-divider"></div>
+                <button class="dropdown-item" appStopClick (click)="selectAll(true)">
+                    <i class="fa fa-fw fa-check-square-o" aria-hidden="true"></i>
+                    {{'selectAll' | i18n}}
+                </button>
+                <button class="dropdown-item" appStopClick (click)="selectAll(false)">
+                    <i class="fa fa-fw fa-minus-square-o" aria-hidden="true"></i>
+                    {{'unselectAll' | i18n}}
+                </button>
+            </div>
+        </div>
        <button type="button" class="btn btn-sm btn-outline-primary ml-3" (click)="invite()">
            <i class="fa fa-plus fa-fw" aria-hidden="true"></i>
            {{'inviteUser' | i18n}}
@@ -46,6 +76,9 @@
            [infiniteScrollDisabled]="!isPaging()" (scrolled)="loadMore()">
            <tbody>
                <tr *ngFor="let u of searchedUsers">
+                    <td (click)="checkUser(u)" class="table-list-checkbox">
+                        <input type="checkbox" [(ngModel)]="u.checked" appStopProp>
+                    </td>
                    <td width="30">
                        <app-avatar [data]="u.name || u.email" [email]="u.email" size="25" [circle]="true"
                            [fontSize]="14"></app-avatar>
@@ -63,12 +96,17 @@
                            <i class="fa fa-lock" title="{{'userUsingTwoStep' | i18n}}" aria-hidden="true"></i>
                            <span class="sr-only">{{'userUsingTwoStep' | i18n}}</span>
                        </ng-container>
+                        <ng-container *ngIf="showEnrolledStatus(u)">
+                            <i class="fa fa-key" title="{{'enrolledPasswordReset' | i18n}}" aria-hidden="true"></i>
+                            <span class="sr-only">{{'enrolledPasswordReset' | i18n}}</span>
+                        </ng-container>
                    </td>
                    <td>
                        <span *ngIf="u.type === organizationUserType.Owner">{{'owner' | i18n}}</span>
                        <span *ngIf="u.type === organizationUserType.Admin">{{'admin' | i18n}}</span>
                        <span *ngIf="u.type === organizationUserType.Manager">{{'manager' | i18n}}</span>
                        <span *ngIf="u.type === organizationUserType.User">{{'user' | i18n}}</span>
+                        <span *ngIf="u.type === organizationUserType.Custom">{{'custom' | i18n}}</span>
                    </td>
                    <td class="table-list-options">
                        <div class="dropdown" appListDropdown>
@@ -97,6 +135,11 @@
                                    <i class="fa fa-fw fa-file-text-o" aria-hidden="true"></i>
                                    {{'eventLogs' | i18n}}
                                </a>
+                                <a class="dropdown-item" href="#" appStopClick (click)="resetPassword(u)"
+                                    *ngIf="allowResetPassword(u)">
+                                    <i class="fa fa-fw fa-key" aria-hidden="true"></i>
+                                    {{'resetPassword' | i18n}}
+                                </a>
                                <a class="dropdown-item text-danger" href="#" appStopClick (click)="remove(u)">
                                    <i class="fa fa-fw fa-remove" aria-hidden="true"></i>
                                    {{'remove' | i18n}}
@@ -113,3 +156,7 @@
 <ng-template #groupsTemplate></ng-template>
 <ng-template #eventsTemplate></ng-template>
 <ng-template #confirmTemplate></ng-template>
+<ng-template #resetPasswordTemplate></ng-template>
+<ng-template #bulkStatusTemplate></ng-template>
+<ng-template #bulkConfirmTemplate></ng-template>
+<ng-template #bulkRemoveTemplate></ng-template>
--- a/src/app/organizations/manage/people.component.ts
+++ b/src/app/organizations/manage/people.component.ts
@@ -5,48 +5,67 @@ import {
    ViewChild,
    ViewContainerRef,
 } from '@angular/core';
+
 import {
    ActivatedRoute,
    Router,
 } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ConstantsService } from 'jslib/services/constants.service';
+import { ValidationService } from 'jslib-angular/services/validation.service';
+import { ConstantsService } from 'jslib-common/services/constants.service';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { SearchService } from 'jslib/abstractions/search.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+import { SearchService } from 'jslib-common/abstractions/search.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { OrganizationUserConfirmRequest } from 'jslib/models/request/organizationUserConfirmRequest';
+import { OrganizationKeysRequest } from 'jslib-common/models/request/organizationKeysRequest';
+import { OrganizationUserBulkRequest } from 'jslib-common/models/request/organizationUserBulkRequest';
+import { OrganizationUserConfirmRequest } from 'jslib-common/models/request/organizationUserConfirmRequest';

-import { OrganizationUserUserDetailsResponse } from 'jslib/models/response/organizationUserResponse';
+import { ListResponse } from 'jslib-common/models/response/listResponse';
+import { OrganizationUserBulkResponse } from 'jslib-common/models/response/organizationUserBulkResponse';
+import { OrganizationUserUserDetailsResponse } from 'jslib-common/models/response/organizationUserResponse';

-import { OrganizationUserStatusType } from 'jslib/enums/organizationUserStatusType';
-import { OrganizationUserType } from 'jslib/enums/organizationUserType';
+import { OrganizationUserStatusType } from 'jslib-common/enums/organizationUserStatusType';
+import { OrganizationUserType } from 'jslib-common/enums/organizationUserType';
+import { PolicyType } from 'jslib-common/enums/policyType';

-import { Utils } from 'jslib/misc/utils';
+import { SearchPipe } from 'jslib-angular/pipes/search.pipe';
+
+import { Utils } from 'jslib-common/misc/utils';

 import { ModalComponent } from '../../modal.component';
+import { BulkConfirmComponent } from './bulk/bulk-confirm.component';
+import { BulkRemoveComponent } from './bulk/bulk-remove.component';
+import { BulkStatusComponent } from './bulk/bulk-status.component';
 import { EntityEventsComponent } from './entity-events.component';
+import { ResetPasswordComponent } from './reset-password.component';
 import { UserAddEditComponent } from './user-add-edit.component';
 import { UserConfirmComponent } from './user-confirm.component';
 import { UserGroupsComponent } from './user-groups.component';

+const MaxCheckedCount = 500;
+
@Component({
    selector: 'app-org-people',
    templateUrl: 'people.component.html',
 })
 export class PeopleComponent implements OnInit {
-    @ViewChild('addEdit', { read: ViewContainerRef }) addEditModalRef: ViewContainerRef;
-    @ViewChild('groupsTemplate', { read: ViewContainerRef }) groupsModalRef: ViewContainerRef;
-    @ViewChild('eventsTemplate', { read: ViewContainerRef }) eventsModalRef: ViewContainerRef;
-    @ViewChild('confirmTemplate', { read: ViewContainerRef }) confirmModalRef: ViewContainerRef;
+    @ViewChild('addEdit', { read: ViewContainerRef, static: true }) addEditModalRef: ViewContainerRef;
+    @ViewChild('groupsTemplate', { read: ViewContainerRef, static: true }) groupsModalRef: ViewContainerRef;
+    @ViewChild('eventsTemplate', { read: ViewContainerRef, static: true }) eventsModalRef: ViewContainerRef;
+    @ViewChild('confirmTemplate', { read: ViewContainerRef, static: true }) confirmModalRef: ViewContainerRef;
+    @ViewChild('resetPasswordTemplate', { read: ViewContainerRef, static: true }) resetPasswordModalRef: ViewContainerRef;
+    @ViewChild('bulkStatusTemplate', { read: ViewContainerRef, static: true }) bulkStatusModalRef: ViewContainerRef;
+    @ViewChild('bulkConfirmTemplate', { read: ViewContainerRef, static: true }) bulkConfirmModalRef: ViewContainerRef;
+    @ViewChild('bulkRemoveTemplate', { read: ViewContainerRef, static: true }) bulkRemoveModalRef: ViewContainerRef;

    loading = true;
    organizationId: string;
@@ -60,6 +79,11 @@ export class PeopleComponent implements OnInit {
    actionPromise: Promise<any>;
    accessEvents = false;
    accessGroups = false;
+    canResetPassword = false; // User permission (admin/custom)
+    orgUseResetPassword = false; // Org plan ability
+    orgHasKeys = false; // Org public/private keys
+    orgResetPasswordPolicyEnabled = false;
+    callingUserType: OrganizationUserType = null;

    protected didScroll = false;
    protected pageSize = 100;
@@ -70,27 +94,47 @@ export class PeopleComponent implements OnInit {

    constructor(private apiService: ApiService, private route: ActivatedRoute,
        private i18nService: I18nService, private componentFactoryResolver: ComponentFactoryResolver,
-        private platformUtilsService: PlatformUtilsService, private analytics: Angulartics2,
-        private toasterService: ToasterService, private cryptoService: CryptoService,
-        private userService: UserService, private router: Router,
-        private storageService: StorageService, private searchService: SearchService) { }
+        private platformUtilsService: PlatformUtilsService, private toasterService: ToasterService,
+        private cryptoService: CryptoService, private userService: UserService, private router: Router,
+        private storageService: StorageService, private searchService: SearchService,
+        private validationService: ValidationService, private policyService: PolicyService,
+        private searchPipe: SearchPipe) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            const organization = await this.userService.getOrganization(this.organizationId);
-            if (!organization.isAdmin) {
+            if (!organization.canManageUsers) {
                this.router.navigate(['../collections'], { relativeTo: this.route });
                return;
            }
            this.accessEvents = organization.useEvents;
            this.accessGroups = organization.useGroups;
+            this.canResetPassword = organization.canManageUsersPassword;
+            this.orgUseResetPassword = organization.useResetPassword;
+            this.callingUserType = organization.type;
+
+            // Backfill pub/priv key if necessary
+            if (!organization.hasPublicAndPrivateKeys) {
+                const orgShareKey = await this.cryptoService.getOrgKey(this.organizationId);
+                const orgKeys = await this.cryptoService.makeKeyPair(orgShareKey);
+                const request = new OrganizationKeysRequest(orgKeys[0], orgKeys[1].encryptedString);
+                const response = await this.apiService.postOrganizationKeys(this.organizationId, request);
+                if (response != null) {
+                    this.orgHasKeys = response.publicKey != null && response.privateKey != null;
+                } else {
+                    throw new Error(this.i18nService.t('resetPasswordOrgKeysError'));
+                }
+            } else {
+                this.orgHasKeys = true;
+            }
+
            await this.load();

-            const queryParamsSub = this.route.queryParams.subscribe(async (qParams) => {
+            const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
                this.searchText = qParams.search;
                if (qParams.viewEvents != null) {
-                    const user = this.users.filter((u) => u.id === qParams.viewEvents);
+                    const user = this.users.filter(u => u.id === qParams.viewEvents);
                    if (user.length > 0 && user[0].status === OrganizationUserStatusType.Confirmed) {
                        this.events(user[0]);
                    }
@@ -107,7 +151,7 @@ export class PeopleComponent implements OnInit {
        this.statusMap.clear();
        this.allUsers = response.data != null && response.data.length > 0 ? response.data : [];
        this.allUsers.sort(Utils.getSortFunction(this.i18nService, 'email'));
-        this.allUsers.forEach((u) => {
+        this.allUsers.forEach(u => {
            if (!this.statusMap.has(u.status)) {
                this.statusMap.set(u.status, [u]);
            } else {
@@ -115,9 +159,38 @@ export class PeopleComponent implements OnInit {
            }
        });
        this.filter(this.status);
+        const policies = await this.policyService.getAll(PolicyType.ResetPassword);
+        this.orgResetPasswordPolicyEnabled = policies.some(p => p.organizationId === this.organizationId && p.enabled);
        this.loading = false;
    }

+    allowResetPassword(orgUser: OrganizationUserUserDetailsResponse): boolean {
+        // Hierarchy check
+        let callingUserHasPermission = false;
+
+        switch (this.callingUserType) {
+            case OrganizationUserType.Owner:
+                callingUserHasPermission = true;
+                break;
+            case OrganizationUserType.Admin:
+                callingUserHasPermission = orgUser.type !== OrganizationUserType.Owner;
+                break;
+            case OrganizationUserType.Custom:
+                callingUserHasPermission = orgUser.type !== OrganizationUserType.Owner
+                    && orgUser.type !== OrganizationUserType.Admin;
+                break;
+        }
+
+        // Final
+        return this.canResetPassword && callingUserHasPermission && this.orgUseResetPassword && this.orgHasKeys
+            && orgUser.resetPasswordEnrolled && this.orgResetPasswordPolicyEnabled
+            && orgUser.status === OrganizationUserStatusType.Confirmed;
+    }
+
+    showEnrolledStatus(orgUser: OrganizationUserUserDetailsResponse): boolean {
+        return this.orgUseResetPassword && orgUser.resetPasswordEnrolled && this.orgResetPasswordPolicyEnabled;
+    }
+
    filter(status: OrganizationUserStatusType) {
        this.status = status;
        if (this.status != null) {
@@ -125,11 +198,13 @@ export class PeopleComponent implements OnInit {
        } else {
            this.users = this.allUsers;
        }
+        // Reset checkbox selecton
+        this.selectAll(false);
        this.resetPaging();
    }

    loadMore() {
-        if (this.users.length <= this.pageSize) {
+        if (!this.users || this.users.length <= this.pageSize) {
            return;
        }
        const pagedLength = this.pagedUsers.length;
@@ -168,6 +243,10 @@ export class PeopleComponent implements OnInit {
            this.confirmedCount > 0 && this.confirmedCount < 3 && this.acceptedCount > 0;
    }

+    get showBulkConfirmUsers(): boolean {
+        return this.acceptedCount > 0;
+    }
+
    edit(user: OrganizationUserUserDetailsResponse) {
        if (this.modal != null) {
            this.modal.close();
@@ -229,25 +308,101 @@ export class PeopleComponent implements OnInit {
            return false;
        }

+        this.actionPromise = this.apiService.deleteOrganizationUser(this.organizationId, user.id);
        try {
-            await this.apiService.deleteOrganizationUser(this.organizationId, user.id);
-            this.analytics.eventTrack.next({ action: 'Deleted User' });
+            await this.actionPromise;
            this.toasterService.popAsync('success', null, this.i18nService.t('removedUserId', user.name || user.email));
            this.removeUser(user);
-        } catch { }
+        } catch (e) {
+            this.validationService.showError(e);
+        }
+        this.actionPromise = null;
    }

    async reinvite(user: OrganizationUserUserDetailsResponse) {
        if (this.actionPromise != null) {
            return;
        }
+
        this.actionPromise = this.apiService.postOrganizationUserReinvite(this.organizationId, user.id);
-        await this.actionPromise;
-        this.analytics.eventTrack.next({ action: 'Reinvited User' });
-        this.toasterService.popAsync('success', null, this.i18nService.t('hasBeenReinvited', user.name || user.email));
+        try {
+            await this.actionPromise;
+            this.toasterService.popAsync('success', null, this.i18nService.t('hasBeenReinvited', user.name || user.email));
+        } catch (e) {
+            this.validationService.showError(e);
+        }
        this.actionPromise = null;
    }

+    async bulkRemove() {
+        if (this.actionPromise != null) {
+            return;
+        }
+
+        if (this.modal != null) {
+            this.modal.close();
+        }
+
+        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
+        this.modal = this.bulkRemoveModalRef.createComponent(factory).instance;
+        const childComponent = this.modal.show(BulkRemoveComponent, this.bulkRemoveModalRef);
+
+        childComponent.organizationId = this.organizationId;
+        childComponent.users = this.getCheckedUsers();
+
+        this.modal.onClosed.subscribe(async () => {
+            await this.load();
+            this.modal = null;
+        });
+    }
+
+    async bulkReinvite() {
+        if (this.actionPromise != null) {
+            return;
+        }
+
+        const users = this.getCheckedUsers();
+        const filteredUsers = users.filter(u => u.status === OrganizationUserStatusType.Invited);
+
+        if (filteredUsers.length <= 0) {
+            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('noSelectedUsersApplicable'));
+            return;
+        }
+
+
+        try {
+            const request = new OrganizationUserBulkRequest(filteredUsers.map(user => user.id));
+            const response = this.apiService.postManyOrganizationUserReinvite(this.organizationId, request);
+            this.showBulkStatus(users, filteredUsers, response, this.i18nService.t('bulkReinviteMessage'));
+        } catch (e) {
+            this.validationService.showError(e);
+        }
+        this.actionPromise = null;
+    }
+
+    async bulkConfirm() {
+        if (this.actionPromise != null) {
+            return;
+        }
+
+        if (this.modal != null) {
+            this.modal.close();
+        }
+
+        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
+        this.modal = this.bulkConfirmModalRef.createComponent(factory).instance;
+        const childComponent = this.modal.show(BulkConfirmComponent, this.bulkConfirmModalRef);
+
+        childComponent.organizationId = this.organizationId;
+        childComponent.users = this.getCheckedUsers();
+
+        this.modal.onClosed.subscribe(async () => {
+            await this.load();
+            this.modal = null;
+        });
+    }
+
    async confirm(user: OrganizationUserUserDetailsResponse) {
        function updateUser(self: PeopleComponent) {
            user.status = OrganizationUserStatusType.Confirmed;
@@ -258,6 +413,20 @@ export class PeopleComponent implements OnInit {
            }
        }

+        const confirmUser = async (publicKey: Uint8Array) => {
+            try {
+                this.actionPromise = this.doConfirmation(user, publicKey);
+                await this.actionPromise;
+                updateUser(this);
+                this.toasterService.popAsync('success', null, this.i18nService.t('hasBeenConfirmed', user.name || user.email));
+            } catch (e) {
+                this.validationService.showError(e);
+                throw e;
+            } finally {
+                this.actionPromise = null;
+            }
+        };
+
        if (this.actionPromise != null) {
            return;
        }
@@ -277,9 +446,14 @@ export class PeopleComponent implements OnInit {
            childComponent.organizationId = this.organizationId;
            childComponent.organizationUserId = user != null ? user.id : null;
            childComponent.userId = user != null ? user.userId : null;
-            childComponent.onConfirmedUser.subscribe(() => {
-                this.modal.close();
-                updateUser(this);
+            childComponent.onConfirmedUser.subscribe(async (publicKey: Uint8Array) => {
+                try {
+                    await confirmUser(publicKey);
+                    this.modal.close();
+                } catch (e) {
+                    // tslint:disable-next-line
+                    console.error('Handled exception:', e);
+                }
            });

            this.modal.onClosed.subscribe(() => {
@@ -288,12 +462,19 @@ export class PeopleComponent implements OnInit {
            return;
        }

-        this.actionPromise = this.doConfirmation(user);
-        await this.actionPromise;
-        updateUser(this);
-        this.analytics.eventTrack.next({ action: 'Confirmed User' });
-        this.toasterService.popAsync('success', null, this.i18nService.t('hasBeenConfirmed', user.name || user.email));
-        this.actionPromise = null;
+        try {
+            const publicKeyResponse = await this.apiService.getUserPublicKey(user.userId);
+            const publicKey = Utils.fromB64ToArray(publicKeyResponse.publicKey);
+            try {
+                // tslint:disable-next-line
+                console.log('User\'s fingerprint: ' +
+                    (await this.cryptoService.getFingerprint(user.userId, publicKey.buffer)).join('-'));
+            } catch { }
+            await confirmUser(publicKey);
+        } catch (e) {
+            // tslint:disable-next-line
+            console.error('Handled exception:', e);
+        }
    }

    async events(user: OrganizationUserUserDetailsResponse) {
@@ -331,18 +512,106 @@ export class PeopleComponent implements OnInit {
        if (searching && this.didScroll) {
            this.resetPaging();
        }
-        return !searching && this.users.length > this.pageSize;
+        return !searching && this.users && this.users.length > this.pageSize;
    }

-    private async doConfirmation(user: OrganizationUserUserDetailsResponse) {
-        const orgKey = await this.cryptoService.getOrgKey(this.organizationId);
-        const publicKeyResponse = await this.apiService.getUserPublicKey(user.userId);
-        const publicKey = Utils.fromB64ToArray(publicKeyResponse.publicKey);
+    async resetPassword(user: OrganizationUserUserDetailsResponse) {
+        if (this.modal != null) {
+            this.modal.close();
+        }
+
+        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
+        this.modal = this.resetPasswordModalRef.createComponent(factory).instance;
+        const childComponent = this.modal.show<ResetPasswordComponent>(
+            ResetPasswordComponent, this.resetPasswordModalRef);
+
+        childComponent.name = user != null ? user.name || user.email : null;
+        childComponent.email = user != null ? user.email : null;
+        childComponent.organizationId = this.organizationId;
+        childComponent.id = user != null ? user.id : null;
+
+        childComponent.onPasswordReset.subscribe(() => {
+            this.modal.close();
+            this.load();
+        });
+
+        this.modal.onClosed.subscribe(() => {
+            this.modal = null;
+        });
+    }
+
+    checkUser(user: OrganizationUserUserDetailsResponse, select?: boolean) {
+        (user as any).checked = select == null ? !(user as any).checked : select;
+    }
+
+    selectAll(select: boolean) {
+        if (select) {
+            this.selectAll(false);
+        }
+
+        const filteredUsers = this.searchPipe.transform(this.users, this.searchText, 'name', 'email', 'id');
+
+        const selectCount = select && filteredUsers.length > MaxCheckedCount
+            ? MaxCheckedCount
+            : filteredUsers.length;
+        for (let i = 0; i < selectCount; i++) {
+            this.checkUser(filteredUsers[i], select);
+        }
+    }
+
+    private async showBulkStatus(users: OrganizationUserUserDetailsResponse[], filteredUsers: OrganizationUserUserDetailsResponse[],
+        request: Promise<ListResponse<OrganizationUserBulkResponse>>, successfullMessage: string) {
+
+        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
+        this.modal = this.bulkStatusModalRef.createComponent(factory).instance;
+        const childComponent = this.modal.show<BulkStatusComponent>(
+            BulkStatusComponent, this.bulkStatusModalRef);
+
+        childComponent.loading = true;
+
+        // Workaround to handle closing the modal shortly after it has been opened
+        let close = false;
+        this.modal.onShown.subscribe(() => {
+            if (close) {
+                this.modal.close();
+            }
+        });
+
+        this.modal.onClosed.subscribe(() => {
+            this.modal = null;
+        });
+
        try {
-            // tslint:disable-next-line
-            console.log('User\'s fingerprint: ' +
-                (await this.cryptoService.getFingerprint(user.userId, publicKey.buffer)).join('-'));
-        } catch { }
+            const response = await request;
+
+            if (this.modal) {
+                const keyedErrors: any = response.data.filter(r => r.error !== '').reduce((a, x) => ({ ...a, [x.id]: x.error }), {});
+                const keyedFilteredUsers: any = filteredUsers.reduce((a, x) => ({ ...a, [x.id]: x }), {});
+
+                childComponent.users = users.map(user => {
+                    let message = keyedErrors[user.id] ?? successfullMessage;
+                    if (!keyedFilteredUsers.hasOwnProperty(user.id)) {
+                        message = this.i18nService.t('bulkFilteredMessage');
+                    }
+
+                    return {
+                        user: user,
+                        error: keyedErrors.hasOwnProperty(user.id),
+                        message: message,
+                    };
+                });
+                childComponent.loading = false;
+            }
+        } catch {
+            close = true;
+            if (this.modal) {
+                this.modal.close();
+            }
+        }
+    }
+
+    private async doConfirmation(user: OrganizationUserUserDetailsResponse, publicKey: Uint8Array) {
+        const orgKey = await this.cryptoService.getOrgKey(this.organizationId);
        const key = await this.cryptoService.rsaEncrypt(orgKey.key, publicKey.buffer);
        const request = new OrganizationUserConfirmRequest();
        request.key = key.encryptedString;
@@ -374,4 +643,8 @@ export class PeopleComponent implements OnInit {
            }
        }
    }
+
+    private getCheckedUsers() {
+        return this.users.filter(u => (u as any).checked);
+    }
 }
--- a/src/app/organizations/manage/policies.component.html
+++ b/src/app/organizations/manage/policies.component.html
@@ -1,3 +1,8 @@
+<app-callout *ngIf="userCanAccessBusinessPortal" [type]="'warning'">
+    <p>{{'webPoliciesDeprecationWarning' | i18n}}</p>
+    <button type="button" class="btn btn-outline-secondary"
+        (click)="goToEnterprisePortal()">{{'businessPortal' | i18n}}</button>
+</app-callout>
 <div class="page-header d-flex">
    <h1>{{'policies' | i18n}}</h1>
 </div>
@@ -8,7 +13,7 @@
 <table class="table table-hover table-list" *ngIf="!loading">
    <tbody>
        <tr *ngFor="let p of policies">
-            <td>
+            <td *ngIf="p.display">
                <a href="#" appStopClick (click)="edit(p)">{{p.name}}</a>
                <span class="badge badge-success" *ngIf="p.enabled">{{'enabled' | i18n}}</span>
                <small class="text-muted d-block">{{p.description}}</small>
--- a/src/app/organizations/manage/policies.component.ts
+++ b/src/app/organizations/manage/policies.component.ts
@@ -10,14 +10,15 @@ import {
    Router,
 } from '@angular/router';

-import { PolicyType } from 'jslib/enums/policyType';
+import { PolicyType } from 'jslib-common/enums/policyType';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
-import { UserService } from 'jslib/abstractions/user.service';
+import { EnvironmentService } from 'jslib-common/abstractions';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { UserService } from 'jslib-common/abstractions/user.service';

-import { PolicyResponse } from 'jslib/models/response/policyResponse';
+import { PolicyResponse } from 'jslib-common/models/response/policyResponse';

 import { ModalComponent } from '../../modal.component';

@@ -28,12 +29,18 @@ import { PolicyEditComponent } from './policy-edit.component';
    templateUrl: 'policies.component.html',
 })
 export class PoliciesComponent implements OnInit {
-    @ViewChild('editTemplate', { read: ViewContainerRef }) editModalRef: ViewContainerRef;
+    @ViewChild('editTemplate', { read: ViewContainerRef, static: true }) editModalRef: ViewContainerRef;

    loading = true;
    organizationId: string;
    policies: any[];

+    // Remove when removing deprecation warning
+    enterpriseTokenPromise: Promise<any>;
+    userCanAccessBusinessPortal = false;
+
+    private enterpriseUrl: string;
+
    private modal: ModalComponent = null;
    private orgPolicies: PolicyResponse[];
    private policiesEnabledMap: Map<PolicyType, boolean> = new Map<PolicyType, boolean>();
@@ -41,48 +48,122 @@ export class PoliciesComponent implements OnInit {
    constructor(private apiService: ApiService, private route: ActivatedRoute,
        private i18nService: I18nService, private componentFactoryResolver: ComponentFactoryResolver,
        private platformUtilsService: PlatformUtilsService, private userService: UserService,
-        private router: Router) {
-        this.policies = [
-            {
-                name: i18nService.t('twoStepLogin'),
-                description: i18nService.t('twoStepLoginPolicyDesc'),
-                type: PolicyType.TwoFactorAuthentication,
-                enabled: false,
-            },
-            {
-                name: i18nService.t('masterPass'),
-                description: i18nService.t('masterPassPolicyDesc'),
-                type: PolicyType.MasterPassword,
-                enabled: false,
-            },
-            {
-                name: i18nService.t('passwordGenerator'),
-                description: i18nService.t('passwordGeneratorPolicyDesc'),
-                type: PolicyType.PasswordGenerator,
-                enabled: false,
-            },
-        ];
-    }
+        private router: Router, private environmentService: EnvironmentService) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            const organization = await this.userService.getOrganization(this.organizationId);
            if (organization == null || !organization.usePolicies) {
                this.router.navigate(['/organizations', this.organizationId]);
                return;
            }
+            this.userCanAccessBusinessPortal = organization.canAccessBusinessPortal;
+            this.policies = [
+                {
+                    name: this.i18nService.t('twoStepLogin'),
+                    description: this.i18nService.t('twoStepLoginPolicyDesc'),
+                    type: PolicyType.TwoFactorAuthentication,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('masterPass'),
+                    description: this.i18nService.t('masterPassPolicyDesc'),
+                    type: PolicyType.MasterPassword,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('passwordGenerator'),
+                    description: this.i18nService.t('passwordGeneratorPolicyDesc'),
+                    type: PolicyType.PasswordGenerator,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('singleOrg'),
+                    description: this.i18nService.t('singleOrgDesc'),
+                    type: PolicyType.SingleOrg,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('requireSso'),
+                    description: this.i18nService.t('requireSsoPolicyDesc'),
+                    type: PolicyType.RequireSso,
+                    enabled: false,
+                    display: organization.useSso,
+                },
+                {
+                    name: this.i18nService.t('personalOwnership'),
+                    description: this.i18nService.t('personalOwnershipPolicyDesc'),
+                    type: PolicyType.PersonalOwnership,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('disableSend'),
+                    description: this.i18nService.t('disableSendPolicyDesc'),
+                    type: PolicyType.DisableSend,
+                    enabled: false,
+                    display: true,
+                },
+                {
+                    name: this.i18nService.t('sendOptions'),
+                    description: this.i18nService.t('sendOptionsPolicyDesc'),
+                    type: PolicyType.SendOptions,
+                    enabled: false,
+                    display: true,
+                }, {
+                    name: this.i18nService.t('resetPasswordPolicy'),
+                    description: this.i18nService.t('resetPasswordPolicyDescription'),
+                    type: PolicyType.ResetPassword,
+                    enabled: false,
+                    display: organization.useResetPassword,
+                },
+            ];
            await this.load();
+
+            // Handle policies component launch from Event message
+            const queryParamsSub = this.route.queryParams.subscribe(async qParams => {
+                if (qParams.policyId != null) {
+                    const policyIdFromEvents: string = qParams.policyId;
+                    for (const orgPolicy of this.orgPolicies) {
+                        if (orgPolicy.id === policyIdFromEvents) {
+                            for (let i = 0; i < this.policies.length; i++) {
+                                if (this.policies[i].type === orgPolicy.type) {
+                                    this.edit(this.policies[i]);
+                                    break;
+                                }
+                            }
+                            break;
+                        }
+                    }
+                }
+
+                if (queryParamsSub != null) {
+                    queryParamsSub.unsubscribe();
+                }
+            });
        });
+
+        // Remove when removing deprecation warning
+        this.enterpriseUrl = 'https://portal.bitwarden.com';
+        if (this.environmentService.enterpriseUrl != null) {
+            this.enterpriseUrl = this.environmentService.enterpriseUrl;
+        } else if (this.environmentService.baseUrl != null) {
+            this.enterpriseUrl = this.environmentService.baseUrl + '/portal';
+        }
    }

    async load() {
        const response = await this.apiService.getPolicies(this.organizationId);
        this.orgPolicies = response.data != null && response.data.length > 0 ? response.data : [];
-        this.orgPolicies.forEach((op) => {
+        this.orgPolicies.forEach(op => {
            this.policiesEnabledMap.set(op.type, op.enabled);
        });
-        this.policies.forEach((p) => {
+        this.policies.forEach(p => {
            p.enabled = this.policiesEnabledMap.has(p.type) && this.policiesEnabledMap.get(p.type);
        });
        this.loading = false;
@@ -102,6 +183,7 @@ export class PoliciesComponent implements OnInit {
        childComponent.description = p.description;
        childComponent.type = p.type;
        childComponent.organizationId = this.organizationId;
+        childComponent.policiesEnabledMap = this.policiesEnabledMap;
        childComponent.onSavedPolicy.subscribe(() => {
            this.modal.close();
            this.load();
@@ -111,4 +193,22 @@ export class PoliciesComponent implements OnInit {
            this.modal = null;
        });
    }
+
+
+    // Remove when removing deprecation warning
+    async goToEnterprisePortal() {
+        if (this.enterpriseTokenPromise != null) {
+            return;
+        }
+        try {
+            this.enterpriseTokenPromise = this.apiService.getEnterprisePortalSignInToken();
+            const token = await this.enterpriseTokenPromise;
+            if (token != null) {
+                const userId = await this.userService.getUserId();
+                this.platformUtilsService.launchUri(this.enterpriseUrl + '/login?userId=' + userId +
+                    '&token=' + (window as any).encodeURIComponent(token) + '&organizationId=' + this.organizationId);
+            }
+        } catch { }
+        this.enterpriseTokenPromise = null;
+    }
 }
--- a/src/app/organizations/manage/policy-edit.component.html
+++ b/src/app/organizations/manage/policy-edit.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="policiesEditTitle">
-    <div class="modal-dialog" role="document">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="policiesEditTitle">{{'editPolicy' | i18n}} - {{name}}</h2>
@@ -17,11 +17,35 @@
                    title="{{'warning' | i18n}}" icon="fa-warning">
                    {{'twoStepLoginPolicyWarning' | i18n}}
                </app-callout>
+                <app-callout type="warning" *ngIf="type === policyType.SingleOrg" title="{{'warning' | i18n}}"
+                    icon="fa-warning">
+                    {{'singleOrgPolicyWarning' | i18n}}
+                </app-callout>
+                <ng-container *ngIf="type === policyType.RequireSso">
+                    <app-callout type="tip" title="{{'prerequisite' | i18n}}">
+                        {{'requireSsoPolicyReq' | i18n}}
+                    </app-callout>
+                    <app-callout type="warning">
+                        {{'requireSsoExemption' | i18n}}
+                    </app-callout>
+                </ng-container>
+                <app-callout type="warning" *ngIf="type === policyType.PersonalOwnership">
+                    {{'personalOwnershipExemption' | i18n}}
+                </app-callout>
+                <app-callout type="warning" *ngIf="type === policyType.DisableSend">
+                    {{'disableSendExemption' | i18n}}
+                </app-callout>
+                <app-callout type="warning" *ngIf="type === policyType.SendOptions">
+                    {{'sendOptionsExemption' | i18n}}
+                </app-callout>
+                <app-callout type="warning" *ngIf="type === policyType.ResetPassword">
+                    {{'resetPasswordPolicyWarning' | i18n}}
+                </app-callout>
                <div class="form-group">
                    <div class="form-check">
                        <input class="form-check-input" type="checkbox" id="enabled" [(ngModel)]="enabled"
                            name="Enabled">
-                        <label class="form-check-label" for="enabled">{{'enabled' | i18n}}</label>
+                        <label class="form-check-label" for="enabled">{{checkboxDesc}}</label>
                    </div>
                </div>
                <ng-container *ngIf="type === policyType.MasterPassword">
@@ -129,14 +153,36 @@
                        <label class="form-check-label" for="passGenIncludeNumber">{{'includeNumber' | i18n}}</label>
                    </div>
                </ng-container>
+                <ng-container *ngIf="type === policyType.SendOptions">
+                    <h3 class="mt-4">{{'options' | i18n}}</h3>
+                    <div class="form-check">
+                        <input class="form-check-input" type="checkbox" id="sendDisableHideEmail"
+                            [(ngModel)]="sendDisableHideEmail" name="SendDisableHideEmail">
+                        <label class="form-check-label" for="sendDisableHideEmail">{{'disableHideEmail' | i18n}}</label>
+                    </div>
+                </ng-container>
+                <ng-container *ngIf="type === policyType.ResetPassword">
+                    <h3 class="mt-4">{{'resetPasswordPolicyAutoEnroll' | i18n}}</h3>
+                    <p>{{'resetPasswordPolicyAutoEnrollDescription' | i18n}}</p>
+                    <app-callout type="warning">
+                        {{'resetPasswordPolicyAutoEnrollWarning' | i18n}}
+                    </app-callout>
+                    <div class="form-check">
+                        <input class="form-check-input" type="checkbox" id="autoEnrollEnabled"
+                            [(ngModel)]="resetPasswordAutoEnroll" name="AutoEnrollEnabled">
+                        <label class="form-check-label"
+                            for="autoEnrollEnabled">{{'resetPasswordPolicyAutoEnrollCheckbox' | i18n }}</label>
+                    </div>
+                </ng-container>
            </div>
            <div class="modal-footer">
                <button type="submit" class="btn btn-primary btn-submit" [disabled]="form.loading">
                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
                    <span>{{'save' | i18n}}</span>
                </button>
-                <button type="button" class="btn btn-outline-secondary"
-                    data-dismiss="modal">{{'cancel' | i18n}}</button>
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">
+                    {{'cancel' | i18n}}
+                </button>
            </div>
        </form>
    </div>
--- a/src/app/organizations/manage/policy-edit.component.ts
+++ b/src/app/organizations/manage/policy-edit.component.ts
@@ -7,16 +7,15 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { PolicyType } from 'jslib/enums/policyType';
+import { PolicyType } from 'jslib-common/enums/policyType';

-import { PolicyRequest } from 'jslib/models/request/policyRequest';
+import { PolicyRequest } from 'jslib-common/models/request/policyRequest';

-import { PolicyResponse } from 'jslib/models/response/policyResponse';
+import { PolicyResponse } from 'jslib-common/models/response/policyResponse';

@Component({
    selector: 'app-policy-edit',
@@ -27,6 +26,7 @@ export class PolicyEditComponent implements OnInit {
    @Input() description: string;
    @Input() type: PolicyType;
    @Input() organizationId: string;
+    @Input() policiesEnabledMap: Map<PolicyType, boolean> = new Map<PolicyType, boolean>();
    @Output() onSavedPolicy = new EventEmitter();

    policyType = PolicyType;
@@ -37,7 +37,6 @@ export class PolicyEditComponent implements OnInit {
    defaultTypes: any[];

    // Master password
-
    masterPassMinComplexity?: number = null;
    masterPassMinLength?: number;
    masterPassRequireUpper?: number;
@@ -46,7 +45,6 @@ export class PolicyEditComponent implements OnInit {
    masterPassRequireSpecial?: number;

    // Password generator
-
    passGenDefaultType?: string;
    passGenMinLength?: number;
    passGenUseUpper?: boolean;
@@ -59,10 +57,16 @@ export class PolicyEditComponent implements OnInit {
    passGenCapitalize?: boolean;
    passGenIncludeNumber?: boolean;

+    // Send options
+    sendDisableHideEmail?: boolean;
+
+    // Reset Password
+    resetPasswordAutoEnroll?: boolean;
+
    private policy: PolicyResponse;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService) {
+        private toasterService: ToasterService) {
        this.passwordScores = [
            { name: '-- ' + i18nService.t('select') + ' --', value: null },
            { name: i18nService.t('weak') + ' (0)', value: 0 },
@@ -112,6 +116,12 @@ export class PolicyEditComponent implements OnInit {
                            this.masterPassRequireNumbers = this.policy.data.requireNumbers;
                            this.masterPassRequireSpecial = this.policy.data.requireSpecial;
                            break;
+                        case PolicyType.SendOptions:
+                            this.sendDisableHideEmail = this.policy.data.disableHideEmail;
+                            break;
+                        case PolicyType.ResetPassword:
+                            this.resetPasswordAutoEnroll = this.policy.data.autoEnrollEnabled;
+                            break;
                        default:
                            break;
                    }
@@ -127,45 +137,94 @@ export class PolicyEditComponent implements OnInit {
    }

    async submit() {
-        const request = new PolicyRequest();
-        request.enabled = this.enabled;
-        request.type = this.type;
-        request.data = null;
-        switch (this.type) {
-            case PolicyType.PasswordGenerator:
-                request.data = {
-                    defaultType: this.passGenDefaultType,
-                    minLength: this.passGenMinLength || null,
-                    useUpper: this.passGenUseUpper,
-                    useLower: this.passGenUseLower,
-                    useNumbers: this.passGenUseNumbers,
-                    useSpecial: this.passGenUseSpecial,
-                    minNumbers: this.passGenMinNumbers || null,
-                    minSpecial: this.passGenMinSpecial || null,
-                    minNumberWords: this.passGenMinNumberWords || null,
-                    capitalize: this.passGenCapitalize,
-                    includeNumber: this.passGenIncludeNumber,
-                };
-                break;
-            case PolicyType.MasterPassword:
-                request.data = {
-                    minComplexity: this.masterPassMinComplexity || null,
-                    minLength: this.masterPassMinLength || null,
-                    requireUpper: this.masterPassRequireUpper,
-                    requireLower: this.masterPassRequireLower,
-                    requireNumbers: this.masterPassRequireNumbers,
-                    requireSpecial: this.masterPassRequireSpecial,
-                };
-                break;
-            default:
-                break;
+        if (this.preValidate()) {
+            const request = new PolicyRequest();
+            request.enabled = this.enabled;
+            request.type = this.type;
+            request.data = null;
+            switch (this.type) {
+                case PolicyType.PasswordGenerator:
+                    request.data = {
+                        defaultType: this.passGenDefaultType,
+                        minLength: this.passGenMinLength || null,
+                        useUpper: this.passGenUseUpper,
+                        useLower: this.passGenUseLower,
+                        useNumbers: this.passGenUseNumbers,
+                        useSpecial: this.passGenUseSpecial,
+                        minNumbers: this.passGenMinNumbers || null,
+                        minSpecial: this.passGenMinSpecial || null,
+                        minNumberWords: this.passGenMinNumberWords || null,
+                        capitalize: this.passGenCapitalize,
+                        includeNumber: this.passGenIncludeNumber,
+                    };
+                    break;
+                case PolicyType.MasterPassword:
+                    request.data = {
+                        minComplexity: this.masterPassMinComplexity || null,
+                        minLength: this.masterPassMinLength || null,
+                        requireUpper: this.masterPassRequireUpper,
+                        requireLower: this.masterPassRequireLower,
+                        requireNumbers: this.masterPassRequireNumbers,
+                        requireSpecial: this.masterPassRequireSpecial,
+                    };
+                    break;
+                case PolicyType.SendOptions:
+                    request.data = {
+                        disableHideEmail: this.sendDisableHideEmail,
+                    };
+                    break;
+                case PolicyType.ResetPassword:
+                    request.data = {
+                        autoEnrollEnabled: this.resetPasswordAutoEnroll,
+                    };
+                    break;
+                default:
+                    break;
+            }
+            try {
+                this.formPromise = this.apiService.putPolicy(this.organizationId, this.type, request);
+                await this.formPromise;
+                this.toasterService.popAsync('success', null, this.i18nService.t('editedPolicyId', this.name));
+                this.onSavedPolicy.emit();
+            } catch { }
+        }
+    }
+
+    get checkboxDesc(): string {
+        return this.type === PolicyType.PersonalOwnership ? this.i18nService.t('personalOwnershipCheckboxDesc') :
+            this.i18nService.t('enabled');
+    }
+
+    private preValidate(): boolean {
+        switch (this.type) {
+            case PolicyType.RequireSso:
+                // Don't need prevalidation checks if submitting to disable
+                if (!this.enabled) {
+                    return true;
+                }
+                // Have SingleOrg policy enabled?
+                if (!(this.policiesEnabledMap.has(PolicyType.SingleOrg)
+                    && this.policiesEnabledMap.get(PolicyType.SingleOrg))) {
+                    this.toasterService.popAsync('error', null, this.i18nService.t('requireSsoPolicyReqError'));
+                    return false;
+                }
+                return true;
+
+            case PolicyType.SingleOrg:
+                // Don't need prevalidation checks if submitting to enable
+                if (this.enabled) {
+                    return true;
+                }
+                // If RequireSso Policy is enabled prevent submittal
+                if (this.policiesEnabledMap.has(PolicyType.RequireSso)
+                    && this.policiesEnabledMap.get(PolicyType.RequireSso)) {
+                    this.toasterService.popAsync('error', null, this.i18nService.t('disableRequireSsoError'));
+                    return false;
+                }
+                return true;
+
+            default:
+                return true;
        }
-        try {
-            this.formPromise = this.apiService.putPolicy(this.organizationId, this.type, request);
-            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Edited Policy' });
-            this.toasterService.popAsync('success', null, this.i18nService.t('editedPolicyId', this.name));
-            this.onSavedPolicy.emit();
-        } catch { }
    }
 }
--- a/src/app/organizations/manage/reset-password.component.html
+++ b/src/app/organizations/manage/reset-password.component.html
@@ -0,0 +1,78 @@
+<div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="resetPasswordTitle">
+    <div class="modal-dialog" role="document">
+        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise">
+            <div class="modal-header">
+                <h2 class="modal-title" id="resetPasswordTitle">
+                    {{'resetPassword' | i18n}}
+                    <small class="text-muted" *ngIf="name">{{name}}</small>
+                </h2>
+                <button type="button" class="close" data-dismiss="modal" appA11yTitle="{{'close' | i18n}}">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+            </div>
+            <div class="modal-body">
+                <app-callout type="warning">{{'resetPasswordLoggedOutWarning' | i18n: loggedOutWarningName}}
+                </app-callout>
+                <app-callout type="info" *ngIf="enforcedPolicyOptions">
+                    {{'resetPasswordMasterPasswordPolicyInEffect' | i18n}}
+                    <ul class="mb-0">
+                        <li *ngIf="enforcedPolicyOptions?.minComplexity > 0">
+                            {{'policyInEffectMinComplexity' | i18n : getPasswordScoreAlertDisplay()}}
+                        </li>
+                        <li *ngIf="enforcedPolicyOptions?.minLength > 0">
+                            {{'policyInEffectMinLength' | i18n : enforcedPolicyOptions?.minLength.toString()}}
+                        </li>
+                        <li *ngIf="enforcedPolicyOptions?.requireUpper">
+                            {{'policyInEffectUppercase' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireLower">
+                            {{'policyInEffectLowercase' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireNumbers">
+                            {{'policyInEffectNumbers' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireSpecial">
+                            {{'policyInEffectSpecial' | i18n : '!@#$%^&*'}}</li>
+                    </ul>
+                </app-callout>
+                <div class="row">
+                    <div class="col form-group">
+                        <div class="d-flex">
+                            <label for="newPassword">{{'newPassword' | i18n}}</label>
+                            <div class="ml-auto d-flex">
+                                <a href="#" class="d-block mr-2 fa-icon-above-input" appStopClick
+                                    appA11yTitle="{{'generatePassword' | i18n}}" (click)="generatePassword()">
+                                    <i class="fa fa-lg fa-fw fa-refresh" aria-hidden="true"></i>
+                                </a>
+                            </div>
+                        </div>
+                        <div class="input-group mb-1">
+                            <input id="newPassword" class="form-control text-monospace" appAutofocus
+                                type="{{showPassword ? 'text' : 'password'}}" name="NewPassword"
+                                [(ngModel)]="newPassword" required appInputVerbatim autocomplete="new-password"
+                                (input)="updatePasswordStrength()">
+                            <div class="input-group-append">
+                                <button type="button" class="btn btn-outline-secondary"
+                                    appA11yTitle="{{'toggleVisibility' | i18n}}" (click)="togglePassword()">
+                                    <i class="fa fa-lg" aria-hidden="true"
+                                        [ngClass]="{'fa-eye': !showPassword, 'fa-eye-slash': showPassword}"></i>
+                                </button>
+                                <button type="button" class="btn btn-outline-secondary"
+                                    appA11yTitle="{{'copyPassword' | i18n}}" (click)="copy(newPassword)">
+                                    <i class="fa fa-lg fa-clone" aria-hidden="true"></i>
+                                </button>
+                            </div>
+                        </div>
+                        <app-password-strength [score]="masterPasswordScore" [showText]="true">
+                        </app-password-strength>
+                    </div>
+                </div>
+            </div>
+            <div class="modal-footer">
+                <button type="submit" class="btn btn-primary btn-submit" [disabled]="form.loading">
+                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
+                    <span>{{'save' | i18n}}</span>
+                </button>
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">{{'cancel' |
+                    i18n}}</button>
+            </div>
+        </form>
+    </div>
+</div>
--- a/src/app/organizations/manage/reset-password.component.ts
+++ b/src/app/organizations/manage/reset-password.component.ts
@@ -0,0 +1,191 @@
+import {
+    AfterViewInit,
+    Component,
+    EventEmitter,
+    Input,
+    OnInit,
+    Output,
+} from '@angular/core';
+
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
+
+import { EncString } from 'jslib-common/models/domain/encString';
+import { MasterPasswordPolicyOptions } from 'jslib-common/models/domain/masterPasswordPolicyOptions';
+import { SymmetricCryptoKey } from 'jslib-common/models/domain/symmetricCryptoKey';
+import { OrganizationUserResetPasswordRequest } from 'jslib-common/models/request/organizationUserResetPasswordRequest';
+
+@Component({
+    selector: 'app-reset-password',
+    templateUrl: 'reset-password.component.html',
+})
+export class ResetPasswordComponent implements OnInit {
+    @Input() name: string;
+    @Input() email: string;
+    @Input() id: string;
+    @Input() organizationId: string;
+    @Output() onPasswordReset = new EventEmitter();
+
+    enforcedPolicyOptions: MasterPasswordPolicyOptions;
+    newPassword: string = null;
+    showPassword: boolean = false;
+    masterPasswordScore: number;
+    formPromise: Promise<any>;
+    private newPasswordStrengthTimeout: any;
+
+    constructor(private apiService: ApiService, private i18nService: I18nService,
+        private platformUtilsService: PlatformUtilsService, private passwordGenerationService: PasswordGenerationService,
+        private policyService: PolicyService, private cryptoService: CryptoService) { }
+
+    async ngOnInit() {
+        // Get Enforced Policy Options
+        this.enforcedPolicyOptions = await this.policyService.getMasterPasswordPolicyOptions();
+    }
+
+    get loggedOutWarningName() {
+        return this.name != null ? this.name : this.i18nService.t('thisUser');
+    }
+
+    getPasswordScoreAlertDisplay() {
+        if (this.enforcedPolicyOptions == null) {
+            return '';
+        }
+
+        let str: string;
+        switch (this.enforcedPolicyOptions.minComplexity) {
+            case 4:
+                str = this.i18nService.t('strong');
+                break;
+            case 3:
+                str = this.i18nService.t('good');
+                break;
+            default:
+                str = this.i18nService.t('weak');
+                break;
+        }
+        return str + ' (' + this.enforcedPolicyOptions.minComplexity + ')';
+    }
+
+    async generatePassword() {
+        const options = (await this.passwordGenerationService.getOptions())[0];
+        this.newPassword = await this.passwordGenerationService.generatePassword(options);
+        this.updatePasswordStrength();
+    }
+
+    togglePassword() {
+        this.showPassword = !this.showPassword;
+        document.getElementById('newPassword').focus();
+    }
+
+    copy(value: string) {
+        if (value == null) {
+            return;
+        }
+
+        this.platformUtilsService.copyToClipboard(value, { window: window });
+        this.platformUtilsService.showToast('info', null,
+            this.i18nService.t('valueCopied', this.i18nService.t('password')));
+    }
+
+    async submit() {
+        // Validation
+        if (this.newPassword == null || this.newPassword === '') {
+            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('masterPassRequired'));
+            return false;
+        }
+
+        if (this.newPassword.length < 8) {
+            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('masterPassLength'));
+            return false;
+        }
+
+        if (this.enforcedPolicyOptions != null &&
+            !this.policyService.evaluateMasterPassword(this.masterPasswordScore, this.newPassword,
+                this.enforcedPolicyOptions)) {
+            this.platformUtilsService.showToast('error', this.i18nService.t('errorOccurred'),
+                this.i18nService.t('masterPasswordPolicyRequirementsNotMet'));
+            return;
+        }
+
+        if (this.masterPasswordScore < 3) {
+            const result = await this.platformUtilsService.showDialog(this.i18nService.t('weakMasterPasswordDesc'),
+                this.i18nService.t('weakMasterPassword'), this.i18nService.t('yes'), this.i18nService.t('no'),
+                'warning');
+            if (!result) {
+                return false;
+            }
+        }
+
+        // Get user Information (kdf type, kdf iterations, resetPasswordKey, private key) and change password
+        try {
+            this.formPromise = this.apiService.getOrganizationUserResetPasswordDetails(this.organizationId, this.id)
+                .then(async response => {
+                    if (response == null) {
+                        throw new Error(this.i18nService.t('resetPasswordDetailsError'));
+                    }
+
+                    const kdfType = response.kdf;
+                    const kdfIterations = response.kdfIterations;
+                    const resetPasswordKey = response.resetPasswordKey;
+                    const encryptedPrivateKey = response.encryptedPrivateKey;
+
+                    // Decrypt Organization's encrypted Private Key with org key
+                    const orgSymKey = await this.cryptoService.getOrgKey(this.organizationId);
+                    const decPrivateKey = await this.cryptoService.decryptToBytes(new EncString(encryptedPrivateKey), orgSymKey);
+
+                    // Decrypt User's Reset Password Key to get EncKey
+                    const decValue = await this.cryptoService.rsaDecrypt(resetPasswordKey, decPrivateKey);
+                    const userEncKey = new SymmetricCryptoKey(decValue);
+
+                    // Create new key and hash new password
+                    const newKey = await this.cryptoService.makeKey(this.newPassword, this.email.trim().toLowerCase(),
+                        kdfType, kdfIterations);
+                    const newPasswordHash = await this.cryptoService.hashPassword(this.newPassword, newKey);
+
+                    // Create new encKey for the User
+                    const newEncKey = await this.cryptoService.remakeEncKey(newKey, userEncKey);
+
+                    // Create request
+                    const request = new OrganizationUserResetPasswordRequest();
+                    request.key = newEncKey[1].encryptedString;
+                    request.newMasterPasswordHash = newPasswordHash;
+
+                    // Change user's password
+                    return this.apiService.putOrganizationUserResetPassword(this.organizationId, this.id, request);
+                });
+
+            await this.formPromise;
+            this.platformUtilsService.showToast('success', null, this.i18nService.t('resetPasswordSuccess'));
+            this.onPasswordReset.emit();
+        } catch { }
+    }
+
+    updatePasswordStrength() {
+        if (this.newPasswordStrengthTimeout != null) {
+            clearTimeout(this.newPasswordStrengthTimeout);
+        }
+        this.newPasswordStrengthTimeout = setTimeout(() => {
+            const strengthResult = this.passwordGenerationService.passwordStrength(this.newPassword,
+                this.getPasswordStrengthUserInput());
+            this.masterPasswordScore = strengthResult == null ? null : strengthResult.score;
+        }, 300);
+    }
+
+    private getPasswordStrengthUserInput() {
+        let userInput: string[] = [];
+        const atPosition = this.email.indexOf('@');
+        if (atPosition > -1) {
+            userInput = userInput.concat(this.email.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/));
+        }
+        if (this.name != null && this.name !== '') {
+            userInput = userInput.concat(this.name.trim().toLowerCase().split(' '));
+        }
+        return userInput;
+    }
+}
--- a/src/app/organizations/manage/user-add-edit.component.html
+++ b/src/app/organizations/manage/user-add-edit.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="userAddEditTitle">
-    <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="userAddEditTitle">
@@ -19,7 +19,8 @@
                    <p>{{'inviteUserDesc' | i18n}}</p>
                    <div class="form-group mb-4">
                        <label for="emails">{{'email' | i18n}}</label>
-                        <input id="emails" class="form-control" type="text" name="Emails" [(ngModel)]="emails" required>
+                        <input id="emails" class="form-control" type="text" name="Emails" [(ngModel)]="emails" required
+                            appAutoFocus>
                        <small class="text-muted">{{'inviteMultipleEmailDesc' | i18n : '20'}}</small>
                    </div>
                </ng-container>
@@ -62,8 +63,138 @@
                        <small>{{'ownerDesc' | i18n}}</small>
                    </label>
                </div>
+                <div class="form-check mt-2 form-check-block">
+                    <input class="form-check-input" type="radio" name="userType" id="userTypeCustom"
+                        [value]="organizationUserType.Custom" [(ngModel)]="type">
+                    <label class="form-check-label" for="userTypeCustom">
+                        {{'custom' | i18n}}
+                        <small>{{'customDesc' | i18n}}</small>
+                    </label>
+                </div>
+                <ng-container *ngIf="customUserTypeSelected">
+                    <h3 class="mt-4 d-flex">
+                        {{'permissions' | i18n}}
+                    </h3>
+                    <div class="row">
+                        <div class="col-6">
+                            <div class="mb-3">
+                                <label class="font-weight-bold mb-0">Manager Permissions</label>
+                                <hr class="my-0 mr-2" />
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageAssignedCollections"
+                                            id="manageAssignedCollections"
+                                            [(ngModel)]="permissions.manageAssignedCollections">
+                                        <label class="form-check-label font-weight-normal"
+                                            for="manageAssignedCollections">
+                                            {{'manageAssignedCollections' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="col-6">
+                            <div class="mb-3">
+                                <label class="font-weight-bold mb-0">Admin Permissions</label>
+                                <hr class="my-0 mr-2" />
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="accessBusinessPortal"
+                                            id="accessBusinessPortal" [(ngModel)]="permissions.accessBusinessPortal">
+                                        <label class="form-check-label font-weight-normal" for="accessBusinessPortal">
+                                            {{'accessBusinessPortal' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="accessEventLogs"
+                                            id="accessEventLogs" [(ngModel)]="permissions.accessEventLogs">
+                                        <label class="form-check-label font-weight-normal" for="accessEventLogs">
+                                            {{'accessEventLogs' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="accessImportExport"
+                                            id="accessImportExport" [(ngModel)]="permissions.accessImportExport">
+                                        <label class="form-check-label font-weight-normal" for="accessImportExport">
+                                            {{'accessImportExport' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="accessReports"
+                                            id="accessReports" [(ngModel)]="permissions.accessReports">
+                                        <label class="form-check-label font-weight-normal" for="accessReports">
+                                            {{'accessReports' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageAllCollections"
+                                            id="manageAllCollections" [(ngModel)]="permissions.manageAllCollections">
+                                        <label class="form-check-label font-weight-normal" for="manageAllCollections">
+                                            {{'manageAllCollections' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageGroups"
+                                            id="manageGroups" [(ngModel)]="permissions.manageGroups">
+                                        <label class="form-check-label font-weight-normal" for="manageGroups">
+                                            {{'manageGroups' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageSso"
+                                            id="managePolicies" [(ngModel)]="permissions.manageSso">
+                                        <label class="form-check-label font-weight-normal" for="manageSso">
+                                            {{'manageSso' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="managePolicies"
+                                            id="managePolicies" [(ngModel)]="permissions.managePolicies">
+                                        <label class="form-check-label font-weight-normal" for="managePolicies">
+                                            {{'managePolicies' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageUsers"
+                                            id="manageUsers" [(ngModel)]="permissions.manageUsers"
+                                            (change)="handleDependentPermissions()">
+                                        <label class="form-check-label font-weight-normal" for="manageUsers">
+                                            {{'manageUsers' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group mb-0">
+                                    <div class="form-check mt-1 form-check-block">
+                                        <input class="form-check-input" type="checkbox" name="manageResetPassword"
+                                            id="manageResetPassword" [(ngModel)]="permissions.manageResetPassword"
+                                            (change)="handleDependentPermissions()">
+                                        <label class="form-check-label font-weight-normal" for="manageResetPassword">
+                                            {{'manageResetPassword' | i18n}}
+                                        </label>
+                                    </div>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </ng-container>
                <h3 class="mt-4 d-flex">
-                    <div class="mb-2">
+                    <div class="mb-3">
                        {{'accessControl' | i18n}}
                        <a target="_blank" rel="noopener" appA11yTitle="{{'learnMore' | i18n}}"
                            href="https://bitwarden.com/help/article/user-types-access-control/#access-control">
@@ -135,8 +266,9 @@
                    <i class="fa fa-spinner fa-spin" title="{{'loading' | i18n}}" aria-hidden="true"></i>
                    <span>{{'save' | i18n}}</span>
                </button>
-                <button type="button" class="btn btn-outline-secondary"
-                    data-dismiss="modal">{{'cancel' | i18n}}</button>
+                <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">
+                    {{'cancel' | i18n}}
+                </button>
                <div class="ml-auto">
                    <button #deleteBtn type="button" (click)="delete()" class="btn btn-outline-danger"
                        appA11yTitle="{{'delete' | i18n}}" *ngIf="editMode" [disabled]="deleteBtn.loading"
--- a/src/app/organizations/manage/user-add-edit.component.ts
+++ b/src/app/organizations/manage/user-add-edit.component.ts
@@ -7,22 +7,22 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CollectionService } from 'jslib/abstractions/collection.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CollectionService } from 'jslib-common/abstractions/collection.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

-import { CollectionData } from 'jslib/models/data/collectionData';
-import { Collection } from 'jslib/models/domain/collection';
-import { OrganizationUserInviteRequest } from 'jslib/models/request/organizationUserInviteRequest';
-import { OrganizationUserUpdateRequest } from 'jslib/models/request/organizationUserUpdateRequest';
-import { SelectionReadOnlyRequest } from 'jslib/models/request/selectionReadOnlyRequest';
-import { CollectionDetailsResponse } from 'jslib/models/response/collectionResponse';
-import { CollectionView } from 'jslib/models/view/collectionView';
+import { CollectionData } from 'jslib-common/models/data/collectionData';
+import { Collection } from 'jslib-common/models/domain/collection';
+import { OrganizationUserInviteRequest } from 'jslib-common/models/request/organizationUserInviteRequest';
+import { OrganizationUserUpdateRequest } from 'jslib-common/models/request/organizationUserUpdateRequest';
+import { SelectionReadOnlyRequest } from 'jslib-common/models/request/selectionReadOnlyRequest';
+import { CollectionDetailsResponse } from 'jslib-common/models/response/collectionResponse';
+import { CollectionView } from 'jslib-common/models/view/collectionView';

-import { OrganizationUserType } from 'jslib/enums/organizationUserType';
+import { OrganizationUserType } from 'jslib-common/enums/organizationUserType';
+import { PermissionsApi } from 'jslib-common/models/api/permissionsApi';

@Component({
    selector: 'app-user-add-edit',
@@ -40,15 +40,21 @@ export class UserAddEditComponent implements OnInit {
    title: string;
    emails: string;
    type: OrganizationUserType = OrganizationUserType.User;
+    permissions = new PermissionsApi();
+    showCustom = false;
    access: 'all' | 'selected' = 'selected';
    collections: CollectionView[] = [];
    formPromise: Promise<any>;
    deletePromise: Promise<any>;
    organizationUserType = OrganizationUserType;

+    get customUserTypeSelected(): boolean {
+        return this.type === OrganizationUserType.Custom;
+    }
+
    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private collectionService: CollectionService, private platformUtilsService: PlatformUtilsService) { }
+        private toasterService: ToasterService, private collectionService: CollectionService,
+        private platformUtilsService: PlatformUtilsService) { }

    async ngOnInit() {
        this.editMode = this.loading = this.organizationUserId != null;
@@ -61,9 +67,12 @@ export class UserAddEditComponent implements OnInit {
                const user = await this.apiService.getOrganizationUser(this.organizationId, this.organizationUserId);
                this.access = user.accessAll ? 'all' : 'selected';
                this.type = user.type;
+                if (user.type === OrganizationUserType.Custom) {
+                    this.permissions = user.permissions;
+                }
                if (user.collections != null && this.collections != null) {
-                    user.collections.forEach((s) => {
-                        const collection = this.collections.filter((c) => c.id === s.id);
+                    user.collections.forEach(s => {
+                        const collection = this.collections.filter(c => c.id === s.id);
                        if (collection != null && collection.length > 0) {
                            (collection[0] as any).checked = true;
                            collection[0].readOnly = s.readOnly;
@@ -81,7 +90,7 @@ export class UserAddEditComponent implements OnInit {

    async loadCollections() {
        const response = await this.apiService.getCollections(this.organizationId);
-        const collections = response.data.map((r) =>
+        const collections = response.data.map(r =>
            new Collection(new CollectionData(r as CollectionDetailsResponse)));
        this.collections = await this.collectionService.decryptMany(collections);
    }
@@ -94,14 +103,60 @@ export class UserAddEditComponent implements OnInit {
    }

    selectAll(select: boolean) {
-        this.collections.forEach((c) => this.check(c, select));
+        this.collections.forEach(c => this.check(c, select));
+    }
+
+    setRequestPermissions(p: PermissionsApi, clearPermissions: boolean) {
+        p.accessBusinessPortal = clearPermissions ?
+            false :
+            this.permissions.accessBusinessPortal;
+        p.accessEventLogs = this.permissions.accessEventLogs = clearPermissions ?
+            false :
+            this.permissions.accessEventLogs;
+        p.accessImportExport = clearPermissions ?
+            false :
+            this.permissions.accessImportExport;
+        p.accessReports = clearPermissions ?
+            false :
+            this.permissions.accessReports;
+        p.manageAllCollections = clearPermissions ?
+            false :
+            this.permissions.manageAllCollections;
+        p.manageAssignedCollections = clearPermissions ?
+            false :
+            this.permissions.manageAssignedCollections;
+        p.manageGroups = clearPermissions ?
+            false :
+            this.permissions.manageGroups;
+        p.manageSso = clearPermissions ?
+            false :
+            this.permissions.manageSso;
+        p.managePolicies = clearPermissions ?
+            false :
+            this.permissions.managePolicies;
+        p.manageUsers = clearPermissions ?
+            false :
+            this.permissions.manageUsers;
+        p.manageResetPassword = clearPermissions ?
+            false :
+            this.permissions.manageResetPassword;
+        return p;
+    }
+
+    handleDependentPermissions() {
+        // Manage Password Reset must have Manage Users enabled
+        if (this.permissions.manageResetPassword && !this.permissions.manageUsers) {
+            this.permissions.manageUsers = true;
+            (document.getElementById('manageUsers') as HTMLInputElement).checked = true;
+            this.platformUtilsService.showToast('info', null, this.i18nService.t('resetPasswordManageUsers'));
+        }
    }

    async submit() {
        let collections: SelectionReadOnlyRequest[] = null;
        if (this.access !== 'all') {
-            collections = this.collections.filter((c) => (c as any).checked)
-                .map((c) => new SelectionReadOnlyRequest(c.id, !!c.readOnly, !!c.hidePasswords));
+            collections = this.collections.filter(c => (c as any).checked)
+                .map(c => new SelectionReadOnlyRequest(c.id, !!c.readOnly, !!c.hidePasswords));
        }

        try {
@@ -110,6 +165,7 @@ export class UserAddEditComponent implements OnInit {
                request.accessAll = this.access === 'all';
                request.type = this.type;
                request.collections = collections;
+                request.permissions = this.setRequestPermissions(request.permissions ?? new PermissionsApi(), request.type !== OrganizationUserType.Custom);
                this.formPromise = this.apiService.putOrganizationUser(this.organizationId, this.organizationUserId,
                    request);
            } else {
@@ -117,11 +173,11 @@ export class UserAddEditComponent implements OnInit {
                request.emails = this.emails.trim().split(/\s*,\s*/);
                request.accessAll = this.access === 'all';
                request.type = this.type;
+                request.permissions = this.setRequestPermissions(request.permissions ?? new PermissionsApi(), request.type !== OrganizationUserType.Custom);
                request.collections = collections;
                this.formPromise = this.apiService.postOrganizationUserInvite(this.organizationId, request);
            }
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: this.editMode ? 'Edited User' : 'Invited User' });
            this.toasterService.popAsync('success', null,
                this.i18nService.t(this.editMode ? 'editedUserId' : 'invitedUsers', this.name));
            this.onSavedUser.emit();
@@ -143,9 +199,9 @@ export class UserAddEditComponent implements OnInit {
        try {
            this.deletePromise = this.apiService.deleteOrganizationUser(this.organizationId, this.organizationUserId);
            await this.deletePromise;
-            this.analytics.eventTrack.next({ action: 'Deleted User' });
            this.toasterService.popAsync('success', null, this.i18nService.t('removedUserId', this.name));
            this.onDeletedUser.emit();
        } catch { }
    }
+
 }
--- a/src/app/organizations/manage/user-confirm.component.html
+++ b/src/app/organizations/manage/user-confirm.component.html
@@ -1,6 +1,6 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="confirmUserTitle">
-    <div class="modal-dialog" role="document">
-        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
+        <form class="modal-content" #form (ngSubmit)="submit()">
            <div class="modal-header">
                <h2 class="modal-title" id="confirmUserTitle">
                    {{'confirmUser' | i18n}}
--- a/src/app/organizations/manage/user-confirm.component.ts
+++ b/src/app/organizations/manage/user-confirm.component.ts
@@ -6,19 +6,13 @@ import {
    Output,
 } from '@angular/core';

-import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';
+import { ConstantsService } from 'jslib-common/services/constants.service';

-import { ConstantsService } from 'jslib/services/constants.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { StorageService } from 'jslib-common/abstractions/storage.service';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { StorageService } from 'jslib/abstractions/storage.service';
-
-import { OrganizationUserConfirmRequest } from 'jslib/models/request/organizationUserConfirmRequest';
-
-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

@Component({
    selector: 'app-user-confirm',
@@ -34,13 +28,11 @@ export class UserConfirmComponent implements OnInit {
    dontAskAgain = false;
    loading = true;
    fingerprint: string;
-    formPromise: Promise<any>;

    private publicKey: Uint8Array = null;

-    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private cryptoService: CryptoService, private storageService: StorageService) { }
+    constructor(private apiService: ApiService, private cryptoService: CryptoService,
+        private storageService: StorageService) { }

    async ngOnInit() {
        try {
@@ -65,20 +57,6 @@ export class UserConfirmComponent implements OnInit {
            await this.storageService.save(ConstantsService.autoConfirmFingerprints, true);
        }

-        try {
-            this.formPromise = this.doConfirmation();
-            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Confirmed User' });
-            this.toasterService.popAsync('success', null, this.i18nService.t('hasBeenConfirmed', this.name));
-            this.onConfirmedUser.emit();
-        } catch { }
-    }
-
-    private async doConfirmation() {
-        const orgKey = await this.cryptoService.getOrgKey(this.organizationId);
-        const key = await this.cryptoService.rsaEncrypt(orgKey.key, this.publicKey.buffer);
-        const request = new OrganizationUserConfirmRequest();
-        request.key = key.encryptedString;
-        await this.apiService.postOrganizationUserConfirm(this.organizationId, this.organizationUserId, request);
+        this.onConfirmedUser.emit(this.publicKey);
    }
 }
--- a/src/app/organizations/manage/user-groups.component.html
+++ b/src/app/organizations/manage/user-groups.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="groupAccessTitle">
-    <div class="modal-dialog" role="document">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise">
            <div class="modal-header">
                <h2 class="modal-title" id="groupAccessTitle">
--- a/src/app/organizations/manage/user-groups.component.ts
+++ b/src/app/organizations/manage/user-groups.component.ts
@@ -7,15 +7,14 @@ import {
 } from '@angular/core';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { OrganizationUserUpdateGroupsRequest } from 'jslib/models/request/organizationUserUpdateGroupsRequest';
-import { GroupResponse } from 'jslib/models/response/groupResponse';
+import { OrganizationUserUpdateGroupsRequest } from 'jslib-common/models/request/organizationUserUpdateGroupsRequest';
+import { GroupResponse } from 'jslib-common/models/response/groupResponse';

-import { Utils } from 'jslib/misc/utils';
+import { Utils } from 'jslib-common/misc/utils';

@Component({
    selector: 'app-user-groups',
@@ -32,11 +31,11 @@ export class UserGroupsComponent implements OnInit {
    formPromise: Promise<any>;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService) { }
+        private toasterService: ToasterService) { }

    async ngOnInit() {
        const groupsResponse = await this.apiService.getGroups(this.organizationId);
-        const groups = groupsResponse.data.map((r) => r);
+        const groups = groupsResponse.data.map(r => r);
        groups.sort(Utils.getSortFunction(this.i18nService, 'name'));
        this.groups = groups;

@@ -44,8 +43,8 @@ export class UserGroupsComponent implements OnInit {
            const userGroups = await this.apiService.getOrganizationUserGroups(
                this.organizationId, this.organizationUserId);
            if (userGroups != null && this.groups != null) {
-                userGroups.forEach((ug) => {
-                    const group = this.groups.filter((g) => g.id === ug);
+                userGroups.forEach(ug => {
+                    const group = this.groups.filter(g => g.id === ug);
                    if (group != null && group.length > 0) {
                        (group[0] as any).checked = true;
                    }
@@ -64,18 +63,17 @@ export class UserGroupsComponent implements OnInit {
    }

    selectAll(select: boolean) {
-        this.groups.forEach((g) => this.check(g, select));
+        this.groups.forEach(g => this.check(g, select));
    }

    async submit() {
        const request = new OrganizationUserUpdateGroupsRequest();
-        request.groupIds = this.groups.filter((g) => (g as any).checked).map((g) => g.id);
+        request.groupIds = this.groups.filter(g => (g as any).checked).map(g => g.id);

        try {
            this.formPromise = this.apiService.putOrganizationUserGroups(this.organizationId, this.organizationUserId,
                request);
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Edited User Groups' });
            this.toasterService.popAsync('success', null, this.i18nService.t('editedGroupsForUser', this.name));
            this.onSavedUser.emit();
        } catch { }
--- a/src/app/organizations/settings/account.component.html
+++ b/src/app/organizations/settings/account.component.html
@@ -10,17 +10,23 @@
        <div class="col-6">
            <div class="form-group">
                <label for="name">{{'organizationName' | i18n}}</label>
-                <input id="name" class="form-control" type="text" name="Name" [(ngModel)]="org.name">
+                <input id="name" class="form-control" type="text" name="Name" [(ngModel)]="org.name"
+                    [disabled]="selfHosted">
            </div>
            <div class="form-group">
                <label for="billingEmail">{{'billingEmail' | i18n}}</label>
                <input id="billingEmail" class="form-control" type="text" name="BillingEmail"
-                    [(ngModel)]="org.billingEmail">
+                    [(ngModel)]="org.billingEmail" [disabled]="selfHosted">
            </div>
            <div class="form-group">
                <label for="businessName">{{'businessName' | i18n}}</label>
                <input id="businessName" class="form-control" type="text" name="BusinessName"
-                    [(ngModel)]="org.businessName">
+                    [(ngModel)]="org.businessName" [disabled]="selfHosted">
+            </div>
+            <div class="form-group">
+                <label for="identifier">{{'identifier' | i18n}}</label>
+                <input id="identifier" class="form-control" type="text" name="Identifier"
+                    [(ngModel)]="org.identifier">
            </div>
        </div>
        <div class="col-6">
--- a/src/app/organizations/settings/account.component.ts
+++ b/src/app/organizations/settings/account.component.ts
@@ -4,36 +4,42 @@ import {
    ViewChild,
    ViewContainerRef,
 } from '@angular/core';
+
 import { ActivatedRoute } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-import { SyncService } from 'jslib/abstractions/sync.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+import { SyncService } from 'jslib-common/abstractions/sync.service';

-import { OrganizationUpdateRequest } from 'jslib/models/request/organizationUpdateRequest';
-import { OrganizationResponse } from 'jslib/models/response/organizationResponse';
+import { OrganizationKeysRequest } from 'jslib-common/models/request/organizationKeysRequest';
+import { OrganizationUpdateRequest } from 'jslib-common/models/request/organizationUpdateRequest';
+
+import { OrganizationResponse } from 'jslib-common/models/response/organizationResponse';

 import { ModalComponent } from '../../modal.component';
+
+import { ApiKeyComponent } from '../../settings/api-key.component';
 import { PurgeVaultComponent } from '../../settings/purge-vault.component';
 import { TaxInfoComponent } from '../../settings/tax-info.component';
-import { ApiKeyComponent } from './api-key.component';
+
 import { DeleteOrganizationComponent } from './delete-organization.component';
-import { RotateApiKeyComponent } from './rotate-api-key.component';

@Component({
    selector: 'app-org-account',
    templateUrl: 'account.component.html',
 })
 export class AccountComponent {
-    @ViewChild('deleteOrganizationTemplate', { read: ViewContainerRef }) deleteModalRef: ViewContainerRef;
-    @ViewChild('purgeOrganizationTemplate', { read: ViewContainerRef }) purgeModalRef: ViewContainerRef;
-    @ViewChild('apiKeyTemplate', { read: ViewContainerRef }) apiKeyModalRef: ViewContainerRef;
-    @ViewChild('rotateApiKeyTemplate', { read: ViewContainerRef }) rotateApiKeyModalRef: ViewContainerRef;
+    @ViewChild('deleteOrganizationTemplate', { read: ViewContainerRef, static: true }) deleteModalRef: ViewContainerRef;
+    @ViewChild('purgeOrganizationTemplate', { read: ViewContainerRef, static: true }) purgeModalRef: ViewContainerRef;
+    @ViewChild('apiKeyTemplate', { read: ViewContainerRef, static: true }) apiKeyModalRef: ViewContainerRef;
+    @ViewChild('rotateApiKeyTemplate', { read: ViewContainerRef, static: true }) rotateApiKeyModalRef: ViewContainerRef;
    @ViewChild(TaxInfoComponent) taxInfo: TaxInfoComponent;

+    selfHosted = false;
    loading = true;
    canUseApi = false;
    org: OrganizationResponse;
@@ -45,11 +51,13 @@ export class AccountComponent {

    constructor(private componentFactoryResolver: ComponentFactoryResolver,
        private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private route: ActivatedRoute, private syncService: SyncService) { }
+        private toasterService: ToasterService, private route: ActivatedRoute,
+        private syncService: SyncService, private platformUtilsService: PlatformUtilsService,
+        private cryptoService: CryptoService) { }

    async ngOnInit() {
-        this.route.parent.parent.params.subscribe(async (params) => {
+        this.selfHosted = this.platformUtilsService.isSelfHost();
+        this.route.parent.parent.params.subscribe(async params => {
            this.organizationId = params.organizationId;
            try {
                this.org = await this.apiService.getOrganization(this.organizationId);
@@ -65,11 +73,19 @@ export class AccountComponent {
            request.name = this.org.name;
            request.businessName = this.org.businessName;
            request.billingEmail = this.org.billingEmail;
+            request.identifier = this.org.identifier;
+
+            // Backfill pub/priv key if necessary
+            if (!this.org.hasPublicAndPrivateKeys) {
+                const orgShareKey = await this.cryptoService.getOrgKey(this.organizationId);
+                const orgKeys = await this.cryptoService.makeKeyPair(orgShareKey);
+                request.keys = new OrganizationKeysRequest(orgKeys[0], orgKeys[1].encryptedString);
+            }
+
            this.formPromise = this.apiService.putOrganization(this.organizationId, request).then(() => {
                return this.syncService.fullSync(true);
            });
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Updated Organization Settings' });
            this.toasterService.popAsync('success', null, this.i18nService.t('organizationUpdated'));
        } catch { }
    }
@@ -77,7 +93,6 @@ export class AccountComponent {
    async submitTaxInfo() {
        this.taxFormPromise = this.taxInfo.submitTaxInfo();
        await this.taxFormPromise;
-        this.analytics.eventTrack.next({ action: 'Updated Organization Tax Info' });
        this.toasterService.popAsync('success', null, this.i18nService.t('taxInfoUpdated'));
    }

@@ -120,7 +135,14 @@ export class AccountComponent {
        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
        this.modal = this.apiKeyModalRef.createComponent(factory).instance;
        const childComponent = this.modal.show<ApiKeyComponent>(ApiKeyComponent, this.apiKeyModalRef);
-        childComponent.organizationId = this.organizationId;
+        childComponent.keyType = 'organization';
+        childComponent.entityId = this.organizationId;
+        childComponent.postKey = this.apiService.postOrganizationApiKey.bind(this.apiService);
+        childComponent.scope = 'api.organization';
+        childComponent.grantType = 'client_credentials';
+        childComponent.apiKeyTitle = 'apiKey';
+        childComponent.apiKeyWarning = 'apiKeyWarning';
+        childComponent.apiKeyDescription = 'apiKeyDesc';

        this.modal.onClosed.subscribe(async () => {
            this.modal = null;
@@ -134,8 +156,16 @@ export class AccountComponent {

        const factory = this.componentFactoryResolver.resolveComponentFactory(ModalComponent);
        this.modal = this.rotateApiKeyModalRef.createComponent(factory).instance;
-        const childComponent = this.modal.show<RotateApiKeyComponent>(RotateApiKeyComponent, this.rotateApiKeyModalRef);
-        childComponent.organizationId = this.organizationId;
+        const childComponent = this.modal.show<ApiKeyComponent>(ApiKeyComponent, this.rotateApiKeyModalRef);
+        childComponent.keyType = 'organization';
+        childComponent.isRotation = true;
+        childComponent.entityId = this.organizationId;
+        childComponent.postKey = this.apiService.postOrganizationRotateApiKey.bind(this.apiService);
+        childComponent.scope = 'api.organization';
+        childComponent.grantType = 'client_credentials';
+        childComponent.apiKeyTitle = 'apiKey';
+        childComponent.apiKeyWarning = 'apiKeyWarning';
+        childComponent.apiKeyDescription = 'apiKeyRotateDesc';

        this.modal.onClosed.subscribe(async () => {
            this.modal = null;
--- a/src/app/organizations/settings/adjust-seats.component.ts
+++ b/src/app/organizations/settings/adjust-seats.component.ts
@@ -12,12 +12,11 @@ import {
 } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { SeatRequest } from 'jslib/models/request/seatRequest';
+import { SeatRequest } from 'jslib-common/models/request/seatRequest';

 import { PaymentComponent } from '../../settings/payment.component';

@@ -33,14 +32,14 @@ export class AdjustSeatsComponent {
    @Output() onAdjusted = new EventEmitter<number>();
    @Output() onCanceled = new EventEmitter();

-    @ViewChild(PaymentComponent) paymentComponent: PaymentComponent;
+    @ViewChild(PaymentComponent, { static: true }) paymentComponent: PaymentComponent;

    seatAdjustment = 0;
    formPromise: Promise<any>;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private router: Router, private activatedRoute: ActivatedRoute) { }
+        private toasterService: ToasterService, private router: Router,
+        private activatedRoute: ActivatedRoute) { }

    async submit() {
        try {
@@ -63,7 +62,6 @@ export class AdjustSeatsComponent {
            };
            this.formPromise = action();
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: this.add ? 'Added Seats' : 'Removed Seats' });
            this.onAdjusted.emit(this.seatAdjustment);
            if (paymentFailed) {
                this.toasterService.popAsync({
--- a/src/app/organizations/settings/api-key.component.ts
+++ b/src/app/organizations/settings/api-key.component.ts
@@ -1,50 +0,0 @@
-import { Component } from '@angular/core';
-import { Router } from '@angular/router';
-
-import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';
-
-import { ApiService } from 'jslib/abstractions/api.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
-
-import { PasswordVerificationRequest } from 'jslib/models/request/passwordVerificationRequest';
-
-import { ApiKeyResponse } from 'jslib/models/response/apiKeyResponse';
-
-@Component({
-    selector: 'app-api-key',
-    templateUrl: 'api-key.component.html',
-})
-export class ApiKeyComponent {
-    organizationId: string;
-
-    masterPassword: string;
-    formPromise: Promise<ApiKeyResponse>;
-    clientId: string;
-    clientSecret: string;
-    scope: string;
-
-    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private cryptoService: CryptoService, private router: Router) { }
-
-    async submit() {
-        if (this.masterPassword == null || this.masterPassword === '') {
-            this.toasterService.popAsync('error', this.i18nService.t('errorOccurred'),
-                this.i18nService.t('masterPassRequired'));
-            return;
-        }
-
-        const request = new PasswordVerificationRequest();
-        request.masterPasswordHash = await this.cryptoService.hashPassword(this.masterPassword, null);
-        try {
-            this.formPromise = this.apiService.postOrganizationApiKey(this.organizationId, request);
-            const response = await this.formPromise;
-            this.clientSecret = response.apiKey;
-            this.clientId = 'organization.' + this.organizationId;
-            this.scope = 'api.organization';
-            this.analytics.eventTrack.next({ action: 'Viewed Organization API Key' });
-        } catch { }
-    }
-}
--- a/src/app/organizations/settings/change-plan.component.html
+++ b/src/app/organizations/settings/change-plan.component.html
@@ -4,8 +4,8 @@
                aria-hidden="true">&times;</span></button>
        <h2 class="card-body-header">{{'changeBillingPlan' | i18n}}</h2>
        <p class="mb-0">{{'changeBillingPlanUpgrade' | i18n}}</p>
-        <app-organization-plans [showFree]="false" [showCancel]="true" plan="families" [organizationId]="organizationId"
-            (onCanceled)="cancel()">
+        <app-organization-plans [showFree]="false" [showCancel]="true" [plan]="defaultUpgradePlan"
+            [product]="defaultUpgradeProduct" [organizationId]="organizationId" (onCanceled)="cancel()">
        </app-organization-plans>
    </div>
 </div>
--- a/src/app/organizations/settings/change-plan.component.ts
+++ b/src/app/organizations/settings/change-plan.component.ts
@@ -5,8 +5,11 @@ import {
    Output,
 } from '@angular/core';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';
+
+import { PlanType } from 'jslib-common/enums/planType';
+import { ProductType } from 'jslib-common/enums/productType';

@Component({
    selector: 'app-change-plan',
@@ -18,12 +21,13 @@ export class ChangePlanComponent {
    @Output() onCanceled = new EventEmitter();

    formPromise: Promise<any>;
+    defaultUpgradePlan: PlanType = PlanType.FamiliesAnnually;
+    defaultUpgradeProduct: ProductType = ProductType.Families;

    constructor(private apiService: ApiService, private platformUtilsService: PlatformUtilsService) { }

    async submit() {
        try {
-            this.platformUtilsService.eventTrack('Changed Plan');
            this.onChanged.emit();
        } catch { }
    }
--- a/src/app/organizations/settings/delete-organization.component.html
+++ b/src/app/organizations/settings/delete-organization.component.html
@@ -1,5 +1,5 @@
 <div class="modal fade" tabindex="-1" role="dialog" aria-modal="true" aria-labelledby="deleteOrganizationTitle">
-    <div class="modal-dialog" role="document">
+    <div class="modal-dialog modal-dialog-scrollable" role="document">
        <form class="modal-content" #form (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate>
            <div class="modal-header">
                <h2 class="modal-title" id="deleteOrganizationTitle">{{'deleteOrganization' | i18n}}</h2>
--- a/src/app/organizations/settings/delete-organization.component.ts
+++ b/src/app/organizations/settings/delete-organization.component.ts
@@ -2,13 +2,12 @@ import { Component } from '@angular/core';
 import { Router } from '@angular/router';

 import { ToasterService } from 'angular2-toaster';
-import { Angulartics2 } from 'angulartics2';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { CryptoService } from 'jslib/abstractions/crypto.service';
-import { I18nService } from 'jslib/abstractions/i18n.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { I18nService } from 'jslib-common/abstractions/i18n.service';

-import { PasswordVerificationRequest } from 'jslib/models/request/passwordVerificationRequest';
+import { PasswordVerificationRequest } from 'jslib-common/models/request/passwordVerificationRequest';

@Component({
    selector: 'app-delete-organization',
@@ -21,8 +20,8 @@ export class DeleteOrganizationComponent {
    formPromise: Promise<any>;

    constructor(private apiService: ApiService, private i18nService: I18nService,
-        private analytics: Angulartics2, private toasterService: ToasterService,
-        private cryptoService: CryptoService, private router: Router) { }
+        private toasterService: ToasterService, private cryptoService: CryptoService,
+        private router: Router) { }

    async submit() {
        if (this.masterPassword == null || this.masterPassword === '') {
@@ -36,7 +35,6 @@ export class DeleteOrganizationComponent {
        try {
            this.formPromise = this.apiService.deleteOrganization(this.organizationId, request);
            await this.formPromise;
-            this.analytics.eventTrack.next({ action: 'Deleted Organization' });
            this.toasterService.popAsync('success', this.i18nService.t('organizationDeleted'),
                this.i18nService.t('organizationDeletedDesc'));
            this.router.navigate(['/']);
--- a/src/app/organizations/settings/download-license.component.ts
+++ b/src/app/organizations/settings/download-license.component.ts
@@ -5,8 +5,8 @@ import {
    Output,
 } from '@angular/core';

-import { ApiService } from 'jslib/abstractions/api.service';
-import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
+import { ApiService } from 'jslib-common/abstractions/api.service';
+import { PlatformUtilsService } from 'jslib-common/abstractions/platformUtils.service';

@Component({
    selector: 'app-download-license',
@@ -32,7 +32,6 @@ export class DownloadLicenseComponent {
            const license = await this.formPromise;
            const licenseString = JSON.stringify(license, null, 2);
            this.platformUtilsService.saveFile(window, licenseString, null, 'bitwarden_organization_license.json');
-            this.platformUtilsService.eventTrack('Downloaded License');
            this.onDownloaded.emit();
        } catch { }
    }
--- a/Show More
+++ b/Show More