Group / organization support?

[arpIdeas]

I'm toying with the idea of launching a self-hosted Vaultwarden for our company needs - essentially we want to be able to keep track of who has access to what external resources based on LDAP assignments (ex. account is member of a specific group -> has access to certain collections; if account gets disabled / removed from group that collection access should be revoked).

I've already noticed from this question that LDAP sync for Vaultwarden can't really do the same thing as the Bitwarden Directory Connector when it comes to disabling users, and it seems to be more aimed towards adding LDAP users to Vaultwarden in general than to sync users up with organizations.

Are there any plans to get this sort of functionality into valutwarden_ldap?

[ViViDboarder]

I have no plans to increase the scope of this project, but I believe that Vaultwarden now supports the APIs required to use the Bitwarden Directory Connector to provide those features.

[arpIdeas]

That sounds like an awesome solution... but I have to ask if you're sure of this.

One of the first things one has to do when setting up the Directory Connector is to specify the Client ID and Secret key. From what I can tell it's not possible to get those from Vaultwarden.