-
|
I tested the image with the new SSO feature and tested it out with Authentik. It works to authenticate a user, but after signing in, you still have to enter the 2fa code and then the master password. That makes the SSO feel like just an extra step that doesn't really do anything. Am I missing something, or is this the intended way it works? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
|
You can't. See https://bitwarden.com/help/using-sso/#login-using-sso . |
Beta Was this translation helpful? Give feedback.
-
|
This does kinda suck from a user point of view, however, it is very handy for controlling users who are able to authenticate with bitwarden. If I already have 2FA enabled and enforced via my IdP, would it be a bad idea to not have a OTP enabled in bitwarden itself? I will be limiting my authentication to SSO only in this case so anyone who cannot SSO, which would be everyone but me and my family, would be locked out essentially. |
Beta Was this translation helpful? Give feedback.
-
|
This is partially related to #6746 (discussion) and #6833 (PR). |
Beta Was this translation helpful? Give feedback.
You can't. See https://bitwarden.com/help/using-sso/#login-using-sso .
Unless someone makes one of these other options available: https://bitwarden.com/help/sso-decryption-options/