SSO config to skip 2FA on login

Signed-off-by: Kowalski Dragon (kowalski7cc) <kowalski7cc@users.noreply.github.com>
Kowalski Dragon (kowalski7cc) 2026-02-15 12:47:31 +01:00
parent 36f0620fd1
commit 082acbe5d4
No known key found for this signature in database
GPG Key ID: C4E819BD2BC6233E
2 changed files with 7 additions and 1 deletions


@ -275,7 +275,11 @@ async fn _sso_login(
Some((mut user, sso_user)) => {
let mut device = get_device(&data, conn, &user).await?;
let twofactor_token = twofactor_auth(&mut user, &data, &mut device, ip, client_version, conn).await?;
let twofactor_token = if CONFIG.sso_skip_2fa() {
None
} else {
twofactor_auth(&mut user, &data, &mut device, ip, client_version, conn).await?
};
if user.private_key.is_none() {
// User was invited a stub was created
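Review bot: The `if CONFIG.sso_skip_2fa()` branch returns `None` for every SSO login with no visible check that the identity provider actually performed a second factor, so with the option on, an account's vault 2FA is only as strong as its IdP session. If the provider's ID token is available at this point (not visible in the hunk), gating the skip on its `amr`/`acr` claim would be safer than an unconditional bypass. At minimum I would record the decision with a comment and an audit log line, e.g. `// SECURITY: second factor is delegated to the IdP; the user's own 2FA settings are not consulted` and `info!("SSO login for {}: local 2FA skipped via sso_skip_2fa", user.email);`, assuming the `log` macros are in scope here. Anything `twofactor_auth` does besides prompting is skipped as well, which is worth confirming because its body is outside this hunk, as is the rest of the `Some((mut user, sso_user))` arm.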


@ -827,6 +827,8 @@ make_config! {
sso_auth_only_not_session: bool, true, def, false;
/// Client cache for discovery endpoint. |> Duration in seconds (0 or less to disable). More details: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect#client-cache
sso_client_cache_expiration: u64, true, def, 0;
/// Skip 2FA for SSO login |> Disable two-factor authentication requirement for SSO login
sso_skip_2fa: bool, true, def, false;
/// Log all tokens |> `LOG_LEVEL=debug` or `LOG_LEVEL=info,vaultwarden::sso=debug` is required
sso_debug_tokens: bool, true, def, false;
},
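Review bot: The help text for `sso_skip_2fa` does not say what is given up: with it enabled, the two-factor methods a user has configured are never checked on SSO login. I would spell that out so an admin does not enable it against a provider that lacks MFA, for example `/// Skip 2FA for SSO login |> Users' own two-factor methods are NOT checked on SSO login. Only enable this when the identity provider enforces MFA for every account`. The `make_config!` block starts and ends outside the hunk.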