Bitwarden adds one-click logins for non-SSO web apps

Bitwarden has added an enterprise policy to its Password Manager that gives employees one-click automated logins for web applications that do not support single sign-on (SSO).

The update targets a common gap in identity setups. Many organisations use an identity provider dashboard for SSO but still rely on manual logins for web tools outside SSO coverage. Those applications can lead to inconsistent access practices and separate stores of credentials.

Under the new policy, administrators choose which websites and applications can use automatic login in the Bitwarden Admin Console. Employees then launch an approved application from an identity provider dashboard such as Okta, Microsoft Entra ID, or Rippling. Bitwarden pulls credentials from the user's encrypted vault, fills them in, and submits the login automatically.

Bitwarden positions the policy as a way to extend an SSO-style experience across a wider range of SaaS and web applications without requiring each one to have a native SSO integration.

Unmanaged apps

Unmanaged or non-standard applications have become a recurring issue as companies adopt more cloud tools. Gartner defines these as applications that fall outside identity governance systems. Research from 451 Research, cited by Bitwarden, found that 56% of enterprises said only 34% to 66% of their applications use SSO, leaving a substantial portion of logins outside central coverage.

In practice, those gaps can translate into manual password entry, password reuse, and credentials stored outside approved tools. They can also add administrative overhead when teams need to enforce access policies across a mix of SSO and non-SSO services.

The new policy emphasises control as well as convenience. Administrators specify which URLs and applications are enabled for automated login, aiming to prevent autofill on unapproved sites. It also gives security teams a single place to set rules for how users sign in to specific web services.

How it works

The workflow starts in the identity provider dashboard. When an employee selects an application tile, Bitwarden uses the credentials stored in the vault for that application, then fills and submits them without the user typing a password.

Bitwarden says this reduces login errors and friction for users. It also says it strengthens security by discouraging unmanaged credential habits and reinforcing password management practices.

The policy sits alongside other identity-related features in the Bitwarden ecosystem, including Bitwarden SSO and System for Cross-domain Identity Management (SCIM) provisioning. SCIM is widely used to automate the provisioning and deprovisioning of users in connected applications.

Bitwarden also framed the announcement within identity governance, saying the automatic login policy provides "unified oversight" for applications without native SSO support. The goal is to make credential use and access patterns more consistent across a broader application landscape.

The automatic login with SSO policy is available on the Bitwarden Enterprise plan and can be enabled in the Bitwarden Admin Console.