updated notification text

backend/package-lock.json

@@ -56,7 +56,6 @@
         "passport-github": "^1.1.0",
         "passport-gitlab2": "^5.0.0",
         "passport-google-oauth20": "^2.0.0",
-        "passport-ldapauth": "^3.0.1",
         "pg": "^8.11.3",
         "pino": "^8.16.1",
         "pino-http": "^8.5.1",
@@ -7414,14 +7413,6 @@
         "@types/node": "*"
       }
     },
-    "node_modules/@types/ldapjs": {
-      "version": "2.2.5",
-      "resolved": "https://registry.npmjs.org/@types/ldapjs/-/ldapjs-2.2.5.tgz",
-      "integrity": "sha512-Lv/nD6QDCmcT+V1vaTRnEKE8UgOilVv5pHcQuzkU1LcRe4mbHHuUo/KHi0LKrpdHhQY8FJzryF38fcVdeUIrzg==",
-      "dependencies": {
-        "@types/node": "*"
-      }
-    },
     "node_modules/@types/libsodium-wrappers": {
       "version": "0.7.10",
       "resolved": "https://registry.npmjs.org/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.10.tgz",
@@ -7974,11 +7965,6 @@
         "node": ">=6.5"
       }
     },
-    "node_modules/abstract-logging": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/abstract-logging/-/abstract-logging-2.0.1.tgz",
-      "integrity": "sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA=="
-    },
     "node_modules/accepts": {
       "version": "1.3.8",
       "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz",
@@ -8277,18 +8263,11 @@
       "integrity": "sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==",
       "dev": true
     },
-    "node_modules/asn1": {
-      "version": "0.2.6",
-      "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz",
-      "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==",
-      "dependencies": {
-        "safer-buffer": "~2.1.0"
-      }
-    },
     "node_modules/assert-plus": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
       "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==",
+      "dev": true,
       "engines": {
         "node": ">=0.8"
       }
@@ -8455,17 +8434,6 @@
         "@babel/core": "^7.0.0"
       }
     },
-    "node_modules/backoff": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/backoff/-/backoff-2.5.0.tgz",
-      "integrity": "sha512-wC5ihrnUXmR2douXmXLCe5O3zg3GKIyvRi/hi58a/XyRxVI+3/yM0PYueQOZXPXQ9pxBislYkw+sF9b7C/RuMA==",
-      "dependencies": {
-        "precond": "0.2"
-      },
-      "engines": {
-        "node": ">= 0.6"
-      }
-    },
     "node_modules/balanced-match": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
@@ -8529,11 +8497,6 @@
         "node": ">= 10.0.0"
       }
     },
-    "node_modules/bcryptjs": {
-      "version": "2.4.3",
-      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz",
-      "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ=="
-    },
     "node_modules/before-after-hook": {
       "version": "2.2.3",
       "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-2.2.3.tgz",
@@ -9157,7 +9120,8 @@
     "node_modules/core-util-is": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
-      "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ=="
+      "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==",
+      "dev": true
     },
     "node_modules/cors": {
       "version": "2.8.5",
@@ -10012,6 +9976,7 @@
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz",
       "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==",
+      "dev": true,
       "engines": [
         "node >=0.6.0"
       ]
@@ -11923,57 +11888,6 @@
         "node": ">=6"
       }
     },
-    "node_modules/ldap-filter": {
-      "version": "0.3.3",
-      "resolved": "https://registry.npmjs.org/ldap-filter/-/ldap-filter-0.3.3.tgz",
-      "integrity": "sha512-/tFkx5WIn4HuO+6w9lsfxq4FN3O+fDZeO9Mek8dCD8rTUpqzRa766BOBO7BcGkn3X86m5+cBm1/2S/Shzz7gMg==",
-      "dependencies": {
-        "assert-plus": "^1.0.0"
-      },
-      "engines": {
-        "node": ">=0.8"
-      }
-    },
-    "node_modules/ldapauth-fork": {
-      "version": "5.0.5",
-      "resolved": "https://registry.npmjs.org/ldapauth-fork/-/ldapauth-fork-5.0.5.tgz",
-      "integrity": "sha512-LWUk76+V4AOZbny/3HIPQtGPWZyA3SW2tRhsWIBi9imP22WJktKLHV1ofd8Jo/wY7Ve6vAT7FCI5mEn3blZTjw==",
-      "dependencies": {
-        "@types/ldapjs": "^2.2.2",
-        "bcryptjs": "^2.4.0",
-        "ldapjs": "^2.2.1",
-        "lru-cache": "^7.10.1"
-      },
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
-    "node_modules/ldapauth-fork/node_modules/lru-cache": {
-      "version": "7.18.3",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
-      "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
-      "engines": {
-        "node": ">=12"
-      }
-    },
-    "node_modules/ldapjs": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/ldapjs/-/ldapjs-2.3.3.tgz",
-      "integrity": "sha512-75QiiLJV/PQqtpH+HGls44dXweviFwQ6SiIK27EqzKQ5jU/7UFrl2E5nLdQ3IYRBzJ/AVFJI66u0MZ0uofKYwg==",
-      "dependencies": {
-        "abstract-logging": "^2.0.0",
-        "asn1": "^0.2.4",
-        "assert-plus": "^1.0.0",
-        "backoff": "^2.5.0",
-        "ldap-filter": "^0.3.3",
-        "once": "^1.4.0",
-        "vasync": "^2.2.0",
-        "verror": "^1.8.1"
-      },
-      "engines": {
-        "node": ">=10.13.0"
-      }
-    },
     "node_modules/leven": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz",
@@ -15743,18 +15657,6 @@
         "node": ">= 0.4.0"
       }
     },
-    "node_modules/passport-ldapauth": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/passport-ldapauth/-/passport-ldapauth-3.0.1.tgz",
-      "integrity": "sha512-TRRx3BHi8GC8MfCT9wmghjde/EGeKjll7zqHRRfGRxXbLcaDce2OftbQrFG7/AWaeFhR6zpZHtBQ/IkINdLVjQ==",
-      "dependencies": {
-        "ldapauth-fork": "^5.0.1",
-        "passport-strategy": "^1.0.0"
-      },
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
     "node_modules/passport-oauth2": {
       "version": "1.7.0",
       "resolved": "https://registry.npmjs.org/passport-oauth2/-/passport-oauth2-1.7.0.tgz",
@@ -16368,14 +16270,6 @@
         "form-data": "^4.0.0"
       }
     },
-    "node_modules/precond": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/precond/-/precond-0.2.3.tgz",
-      "integrity": "sha512-QCYG84SgGyGzqJ/vlMsxeXd/pgL/I94ixdNFyh1PusWmTCyVfPJjZ1K1jvHtsbfnXQs2TSkEP2fR7QiMZAnKFQ==",
-      "engines": {
-        "node": ">= 0.6"
-      }
-    },
     "node_modules/prelude-ls": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz",
@@ -18460,21 +18354,11 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/vasync": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/vasync/-/vasync-2.2.1.tgz",
-      "integrity": "sha512-Hq72JaTpcTFdWiNA4Y22Amej2GH3BFmBaKPPlDZ4/oC8HNn2ISHLkFrJU4Ds8R3jcUi7oo5Y9jcMHKjES+N9wQ==",
-      "engines": [
-        "node >=0.6.0"
-      ],
-      "dependencies": {
-        "verror": "1.10.0"
-      }
-    },
     "node_modules/verror": {
       "version": "1.10.0",
       "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz",
       "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==",
+      "dev": true,
       "engines": [
         "node >=0.6.0"
       ],
@@ -24657,14 +24541,6 @@
         "@types/node": "*"
       }
     },
-    "@types/ldapjs": {
-      "version": "2.2.5",
-      "resolved": "https://registry.npmjs.org/@types/ldapjs/-/ldapjs-2.2.5.tgz",
-      "integrity": "sha512-Lv/nD6QDCmcT+V1vaTRnEKE8UgOilVv5pHcQuzkU1LcRe4mbHHuUo/KHi0LKrpdHhQY8FJzryF38fcVdeUIrzg==",
-      "requires": {
-        "@types/node": "*"
-      }
-    },
     "@types/libsodium-wrappers": {
       "version": "0.7.10",
       "resolved": "https://registry.npmjs.org/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.10.tgz",
@@ -25108,11 +24984,6 @@
         "event-target-shim": "^5.0.0"
       }
     },
-    "abstract-logging": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/abstract-logging/-/abstract-logging-2.0.1.tgz",
-      "integrity": "sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA=="
-    },
     "accepts": {
       "version": "1.3.8",
       "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz",
@@ -25333,18 +25204,11 @@
       "integrity": "sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==",
       "dev": true
     },
-    "asn1": {
-      "version": "0.2.6",
-      "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz",
-      "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==",
-      "requires": {
-        "safer-buffer": "~2.1.0"
-      }
-    },
     "assert-plus": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
-      "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw=="
+      "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==",
+      "dev": true
     },
     "asynckit": {
       "version": "0.4.0",
@@ -25474,14 +25338,6 @@
         "babel-preset-current-node-syntax": "^1.0.0"
       }
     },
-    "backoff": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/backoff/-/backoff-2.5.0.tgz",
-      "integrity": "sha512-wC5ihrnUXmR2douXmXLCe5O3zg3GKIyvRi/hi58a/XyRxVI+3/yM0PYueQOZXPXQ9pxBislYkw+sF9b7C/RuMA==",
-      "requires": {
-        "precond": "0.2"
-      }
-    },
     "balanced-match": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
@@ -25523,11 +25379,6 @@
         "node-addon-api": "^5.0.0"
       }
     },
-    "bcryptjs": {
-      "version": "2.4.3",
-      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz",
-      "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ=="
-    },
     "before-after-hook": {
       "version": "2.2.3",
       "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-2.2.3.tgz",
@@ -25981,7 +25832,8 @@
     "core-util-is": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
-      "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ=="
+      "integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==",
+      "dev": true
     },
     "cors": {
       "version": "2.8.5",
@@ -26618,7 +26470,8 @@
     "extsprintf": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz",
-      "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g=="
+      "integrity": "sha512-11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g==",
+      "dev": true
     },
     "fast-copy": {
       "version": "3.0.1",
@@ -28044,47 +27897,6 @@
       "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==",
       "dev": true
     },
-    "ldap-filter": {
-      "version": "0.3.3",
-      "resolved": "https://registry.npmjs.org/ldap-filter/-/ldap-filter-0.3.3.tgz",
-      "integrity": "sha512-/tFkx5WIn4HuO+6w9lsfxq4FN3O+fDZeO9Mek8dCD8rTUpqzRa766BOBO7BcGkn3X86m5+cBm1/2S/Shzz7gMg==",
-      "requires": {
-        "assert-plus": "^1.0.0"
-      }
-    },
-    "ldapauth-fork": {
-      "version": "5.0.5",
-      "resolved": "https://registry.npmjs.org/ldapauth-fork/-/ldapauth-fork-5.0.5.tgz",
-      "integrity": "sha512-LWUk76+V4AOZbny/3HIPQtGPWZyA3SW2tRhsWIBi9imP22WJktKLHV1ofd8Jo/wY7Ve6vAT7FCI5mEn3blZTjw==",
-      "requires": {
-        "@types/ldapjs": "^2.2.2",
-        "bcryptjs": "^2.4.0",
-        "ldapjs": "^2.2.1",
-        "lru-cache": "^7.10.1"
-      },
-      "dependencies": {
-        "lru-cache": {
-          "version": "7.18.3",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
-          "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA=="
-        }
-      }
-    },
-    "ldapjs": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/ldapjs/-/ldapjs-2.3.3.tgz",
-      "integrity": "sha512-75QiiLJV/PQqtpH+HGls44dXweviFwQ6SiIK27EqzKQ5jU/7UFrl2E5nLdQ3IYRBzJ/AVFJI66u0MZ0uofKYwg==",
-      "requires": {
-        "abstract-logging": "^2.0.0",
-        "asn1": "^0.2.4",
-        "assert-plus": "^1.0.0",
-        "backoff": "^2.5.0",
-        "ldap-filter": "^0.3.3",
-        "once": "^1.4.0",
-        "vasync": "^2.2.0",
-        "verror": "^1.8.1"
-      }
-    },
     "leven": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz",
@@ -30762,15 +30574,6 @@
         "passport-oauth2": "1.x.x"
       }
     },
-    "passport-ldapauth": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/passport-ldapauth/-/passport-ldapauth-3.0.1.tgz",
-      "integrity": "sha512-TRRx3BHi8GC8MfCT9wmghjde/EGeKjll7zqHRRfGRxXbLcaDce2OftbQrFG7/AWaeFhR6zpZHtBQ/IkINdLVjQ==",
-      "requires": {
-        "ldapauth-fork": "^5.0.1",
-        "passport-strategy": "^1.0.0"
-      }
-    },
     "passport-oauth2": {
       "version": "1.7.0",
       "resolved": "https://registry.npmjs.org/passport-oauth2/-/passport-oauth2-1.7.0.tgz",
@@ -31210,11 +31013,6 @@
         }
       }
     },
-    "precond": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/precond/-/precond-0.2.3.tgz",
-      "integrity": "sha512-QCYG84SgGyGzqJ/vlMsxeXd/pgL/I94ixdNFyh1PusWmTCyVfPJjZ1K1jvHtsbfnXQs2TSkEP2fR7QiMZAnKFQ=="
-    },
     "prelude-ls": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz",
@@ -32837,18 +32635,11 @@
       "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
       "integrity": "sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg=="
     },
-    "vasync": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/vasync/-/vasync-2.2.1.tgz",
-      "integrity": "sha512-Hq72JaTpcTFdWiNA4Y22Amej2GH3BFmBaKPPlDZ4/oC8HNn2ISHLkFrJU4Ds8R3jcUi7oo5Y9jcMHKjES+N9wQ==",
-      "requires": {
-        "verror": "1.10.0"
-      }
-    },
     "verror": {
       "version": "1.10.0",
       "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz",
       "integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==",
+      "dev": true,
       "requires": {
         "assert-plus": "^1.0.0",
         "core-util-is": "1.0.2",

backend/package.json

@@ -47,7 +47,6 @@
     "passport-github": "^1.1.0",
     "passport-gitlab2": "^5.0.0",
     "passport-google-oauth20": "^2.0.0",
-    "passport-ldapauth": "^3.0.1",
     "pg": "^8.11.3",
     "pino": "^8.16.1",
     "pino-http": "^8.5.1",

backend/src/controllers/v1/index.ts

@@ -1,6 +1,5 @@
 import * as authController from "./authController";
 import * as universalAuthController from "./universalAuthController";
-import * as ldapController from "./ldapController";
 import * as botController from "./botController";
 import * as integrationAuthController from "./integrationAuthController";
 import * as integrationController from "./integrationController";
@@ -23,7 +22,6 @@ import * as adminController from "./adminController";
 export {
   authController,
   universalAuthController,
-  ldapController,
   botController,
   integrationAuthController,
   integrationController,

backend/src/controllers/v1/ldapController.ts

@@ -1,233 +0,0 @@
-import { Request, Response } from "express";
-import { Types } from "mongoose";
-import { client, getSiteURL } from "../../config";
-import * as reqValidator from "../../validation/ldap";
-import { validateRequest } from "../../helpers/validation";
-import { getLdapConfigHelper } from "../../ee/helpers/organizations";
-import {
-  OrgPermissionActions,
-  OrgPermissionSubjects,
-  getAuthDataOrgPermissions
-} from "../../ee/services/RoleService";
-import { ForbiddenError } from "@casl/ability";
-import { LDAPConfig } from "../../ee/models";
-import { BotOrgService } from "../../services";
-
-/**
- * Return appropriate SSO endpoint after successful authentication with LDAP
- * to finish inputting their master key for logging in or signing up
- * @param req
- * @param res 
- * @returns 
- */
-export const redirectLDAP = async (req: Request, res: Response) => {
-    let nextUrl;
-    if (req.isUserCompleted) {
-        nextUrl = `${await getSiteURL()}/login/sso?token=${encodeURIComponent(req.providerAuthToken)}`;
-    } else {
-        nextUrl = `${await getSiteURL()}/signup/sso?token=${encodeURIComponent(req.providerAuthToken)}`
-    }
-
-    return res.status(200).send({
-        nextUrl
-    });
-}
-
-/**
- * Return organization LDAP configuration
- * @param req 
- * @param res 
- */
-export const getLDAPConfig = async (req: Request, res: Response) => {
-    const  {
-        query: { organizationId }
-    } = await validateRequest(reqValidator.GetLdapConfigv1, req);
-    
-    const { permission } = await getAuthDataOrgPermissions({
-        authData: req.authData,
-        organizationId: new Types.ObjectId(organizationId)
-    });
-      
-    ForbiddenError.from(permission).throwUnlessCan(
-        OrgPermissionActions.Read,
-        OrgPermissionSubjects.Sso
-    );
-    
-    const data = await getLdapConfigHelper({
-        organizationId: new Types.ObjectId(organizationId)
-    });
-
-    return res.status(200).send(data);
-}
-
-/**
- * Update organization LDAP configuration
- * @param req 
- * @param res 
- * @returns 
- */
-export const updateLDAPConfig = async (req: Request, res: Response) => {
-    const {
-        body: {
-            organizationId,
-            isActive,
-            url,
-            bindDN,
-            bindPass,
-            searchBase,
-            caCert
-        }
-    } = await validateRequest(reqValidator.UpdateLdapConfigv1, req);
-    
-    const { permission } = await getAuthDataOrgPermissions({
-        authData: req.authData,
-        organizationId: new Types.ObjectId(organizationId)
-    });
-    
-    ForbiddenError.from(permission).throwUnlessCan(
-        OrgPermissionActions.Edit,
-        OrgPermissionSubjects.Sso
-    );
-    
-    interface PatchUpdate {
-        isActive?: boolean;
-        url?: string;
-        encryptedBindDN?: string;
-        bindDNIV?: string;
-        bindDNTag?: string;
-        encryptedBindPass?: string;
-        bindPassIV?: string;
-        bindPassTag?: string;
-        searchBase?: string;
-        encryptedCACert?: string;
-        caCertIV?: string;
-        caCertTag?: string;
-    }
-    
-    const update: PatchUpdate = {};
-
-    if (url) {
-        update.url = url;
-    }
-
-    if (searchBase) {
-        update.searchBase = searchBase;
-    }
-    
-    if (isActive !== undefined) {
-        update.isActive = isActive;
-    }
-    
-    const key = await BotOrgService.getSymmetricKey(new Types.ObjectId(organizationId));
-
-    if (bindDN) {
-        const {
-            ciphertext: encryptedBindDN,
-            iv: bindDNIV,
-            tag: bindDNTag
-        } = client.encryptSymmetric(bindDN, key);
-        
-        update.encryptedBindDN = encryptedBindDN;
-        update.bindDNIV = bindDNIV;
-        update.bindDNTag = bindDNTag;
-    }
-
-    if (bindPass) {
-        const {
-            ciphertext: encryptedBindPass,
-            iv: bindPassIV,
-            tag: bindPassTag
-        } = client.encryptSymmetric(bindPass, key);
-        
-        update.encryptedBindPass = encryptedBindPass;
-        update.bindPassIV = bindPassIV;
-        update.bindPassTag = bindPassTag;
-    }
-    
-    if (caCert) {
-        const {
-            ciphertext: encryptedCACert,
-            iv: caCertIV,
-            tag: caCertTag
-        } = client.encryptSymmetric(caCert, key);
-        
-        update.encryptedCACert = encryptedCACert;
-        update.caCertIV = caCertIV;
-        update.caCertTag = caCertTag;
-    }
-
-    const ldapConfig = await LDAPConfig.findOneAndUpdate(
-        { organization: new Types.ObjectId(organizationId) },
-        update,
-        { new: true }
-    );
-
-    return res.status(200).send(ldapConfig);
-}
-
-/**
- * Create organization LDAP configuration
- * @param req 
- * @param res 
- */
-export const createLDAPConfig = async (req: Request, res: Response) => {
-    const {
-        body: {
-            organizationId,
-            isActive,
-            url,
-            bindDN,
-            bindPass,
-            searchBase,
-            caCert
-        }
-    } = await validateRequest(reqValidator.CreateLdapConfigv1, req);
-
-    const { permission } = await getAuthDataOrgPermissions({
-        authData: req.authData,
-        organizationId: new Types.ObjectId(organizationId)
-    });
-    
-    ForbiddenError.from(permission).throwUnlessCan(
-        OrgPermissionActions.Create,
-        OrgPermissionSubjects.Sso
-    );
-    
-    const key = await BotOrgService.getSymmetricKey(new Types.ObjectId(organizationId));
-    
-    const {
-        ciphertext: encryptedBindDN,
-        iv: bindDNIV,
-        tag: bindDNTag
-    } = client.encryptSymmetric(bindDN, key);
-    
-    const {
-        ciphertext: encryptedBindPass,
-        iv: bindPassIV,
-        tag: bindPassTag
-    } = client.encryptSymmetric(bindPass, key);
-
-    const {
-        ciphertext: encryptedCACert,
-        iv: caCertIV,
-        tag: caCertTag
-    } = client.encryptSymmetric(caCert, key);
-    
-    const ldapConfig = await new LDAPConfig({
-        organization: new Types.ObjectId(organizationId),
-        isActive,
-        url,
-        encryptedBindDN,
-        bindDNIV,
-        bindDNTag,
-        encryptedBindPass,
-        bindPassIV,
-        bindPassTag,
-        searchBase,
-        encryptedCACert,
-        caCertIV,
-        caCertTag
-    }).save();
-
-    return res.status(200).send(ldapConfig);
-}

backend/src/controllers/v3/signupController.ts

@@ -101,15 +101,14 @@ export const completeAccountSignup = async (req: Request, res: Response) => {
       salt,
       verifier
     });
-    
+
     if (!user) throw new Error("Failed to complete account for non-existent user"); // ensure user is non-null
 
-    // this might need to consider LDAP
-    const hasOrgAuthMethodEnabled = user.authMethods.some((authMethod: AuthMethod) =>
-      [AuthMethod.OKTA_SAML, AuthMethod.AZURE_SAML, AuthMethod.JUMPCLOUD_SAML, AuthMethod.LDAP].includes(authMethod)
+    const hasSamlEnabled = user.authMethods.some((authMethod: AuthMethod) =>
+      [AuthMethod.OKTA_SAML, AuthMethod.AZURE_SAML, AuthMethod.JUMPCLOUD_SAML].includes(authMethod)
     );
 
-    if (!hasOrgAuthMethodEnabled) {
+    if (!hasSamlEnabled) {
       // TODO: modify this part
       // initialize default organization and workspace
       await initializeDefaultOrg({

backend/src/ee/helpers/organizations.ts

@@ -1,6 +1,5 @@
 import { Types } from "mongoose";
 import {
-    LDAPConfig,
     SSOConfig
 } from "../models";
 import {
@@ -62,53 +61,4 @@ export const getSSOConfigHelper = async ({
         issuer,
         cert
     });
-}
-
-export const getLdapConfigHelper = async ({
-    organizationId
-}: {
-    organizationId: Types.ObjectId;
-}) => {
-    
-    const ldapConfig = await LDAPConfig.findOne({
-        organization: organizationId
-    });
-    
-    if (!ldapConfig) throw new Error("Failed to find organization LDAP data");
-    
-    const key = await BotOrgService.getSymmetricKey(
-        ldapConfig.organization
-    );
-    
-    const bindDN = client.decryptSymmetric(
-        ldapConfig.encryptedBindDN,
-        key,
-        ldapConfig.bindDNIV,
-        ldapConfig.bindDNTag
-    );
-
-    const bindPass = client.decryptSymmetric(
-        ldapConfig.encryptedBindPass,
-        key,
-        ldapConfig.bindPassIV,
-        ldapConfig.bindPassTag
-    );
-
-    const caCert = client.decryptSymmetric(
-        ldapConfig.encryptedCACert,
-        key,
-        ldapConfig.caCertIV,
-        ldapConfig.caCertTag
-    );
-    
-    return ({
-        _id: ldapConfig._id,
-        organization: ldapConfig.organization,
-        isActive: ldapConfig.isActive,
-        url: ldapConfig.url,
-        bindDN,
-        bindPass,
-        searchBase: ldapConfig.searchBase,
-        caCert
-    });
 }

backend/src/ee/models/index.ts

@@ -3,11 +3,10 @@ export * from "./secretVersion";
 export * from "./folderVersion";
 export * from "./role";
 export * from "./ssoConfig";
-export * from "./ldapConfig";
 export * from "./trustedIp";
 export * from "./auditLog";
 export * from  "./gitRisks";
 export * from  "./gitAppOrganizationInstallation";
 export * from  "./gitAppInstallationSession";
 export * from "./secretApprovalPolicy";
-export * from "./secretApprovalRequest";
+export * from "./secretApprovalRequest";

backend/src/ee/models/ldapConfig.ts

@@ -1,79 +0,0 @@
-import { Schema, Types, model } from "mongoose";
-
-export interface ILDAPConfig {
-    organization: Types.ObjectId;
-    isActive: boolean;
-    url: string;
-    encryptedBindDN: string;
-    bindDNIV: string;
-    bindDNTag: string;
-    encryptedBindPass: string;
-    bindPassIV: string;
-    bindPassTag: string;
-    searchBase: string;
-    encryptedCACert: string;
-    caCertIV: string;
-    caCertTag: string;
-}
-
-const ldapConfigSchema = new Schema<ILDAPConfig>(
-    {
-        organization: {
-            type: Schema.Types.ObjectId,
-            ref: "Organization"
-        },
-        isActive: {
-            type: Boolean,
-            required: true
-        },
-        url: {
-            type: String,
-            required: true
-        },
-        encryptedBindDN: {
-            type: String,
-            required: true
-        },
-        bindDNIV: {
-            type: String,
-            required: true
-        },
-        bindDNTag: {
-            type: String,
-            required: true
-        },
-        encryptedBindPass: {
-            type: String,
-            required: true
-        },
-        bindPassIV: {
-            type: String,
-            required: true
-        },
-        bindPassTag: {
-            type: String,
-            required: true
-        },
-        searchBase: {
-            type: String,
-            required: true
-        },
-        encryptedCACert: {
-            type: String,
-            required: true
-        },
-        caCertIV: {
-            type: String,
-            required: true
-        },
-        caCertTag: {
-            type: String,
-            required: true
-        },
-    },
-    {
-        timestamps: true
-    }
-);
-
-export const LDAPConfig = model<ILDAPConfig>("LDAPConfig", ldapConfigSchema);

backend/src/helpers/secrets.ts

@@ -579,9 +579,7 @@ export const getSecretsHelper = async ({
           event: "secrets pulled",
           distinctId: await TelemetryService.getDistinctId({ authData }),
           properties: {
-            numberOfSecrets: shouldRecordK8Event
-              ? approximateForNoneCapturedEvents
-              : secrets.length,
+            numberOfSecrets: shouldRecordK8Event ? approximateForNoneCapturedEvents : secrets.length,
             environment,
             workspaceId,
             folderId,
@@ -616,6 +614,7 @@ export const getSecretHelper = async ({
   include_imports = true,
   version
 }: GetSecretParams) => {
+  
   const secretBlindIndex = await generateSecretBlindIndexHelper({
     secretName,
     workspaceId: new Types.ObjectId(workspaceId)
@@ -645,7 +644,7 @@ export const getSecretHelper = async ({
       type: type ?? SECRET_PERSONAL,
       version
     }).lean();
-
+  
     if (secretVersion) {
       secret = await new Secret({
         ...secretVersion,
@@ -674,7 +673,7 @@ export const getSecretHelper = async ({
         type: SECRET_SHARED,
         version
       }).lean();
-
+      
       if (secretVersion) {
         secret = await new Secret({
           ...secretVersion,
@@ -683,16 +682,10 @@ export const getSecretHelper = async ({
       }
     }
   }
-
+  
   if (!secret && include_imports) {
     // if still no secret found search in imported secret and retreive
-    secret = await getAnImportedSecret(
-      secretName,
-      workspaceId.toString(),
-      environment,
-      folderId,
-      version
-    );
+    secret = await getAnImportedSecret(secretName, workspaceId.toString(), environment, folderId, version);
   }
 
   if (!secret) throw SecretNotFoundError();
@@ -1187,12 +1180,11 @@ const recursivelyExpandSecret = async (
         const secRefKey = entities[entities.length - 1];
 
         const val = await fetchCrossEnv(secRefEnv, secRefPath, secRefKey);
-        if (val !== undefined) {
-          interpolatedValue = interpolatedValue.replaceAll(interpolationSyntax, val);
-        }
+        interpolatedValue = interpolatedValue.replaceAll(interpolationSyntax, val);
       }
     }
   }
+
   expandedSec[key] = interpolatedValue;
   return interpolatedValue;
 };

backend/src/index.ts

@@ -42,7 +42,6 @@ import {
   integration as v1IntegrationRouter,
   inviteOrg as v1InviteOrgRouter,
   key as v1KeyRouter,
-  ldap as v1LDAPRouter,
   membershipOrg as v1MembershipOrgRouter,
   membership as v1MembershipRouter,
   organization as v1OrganizationRouter,
@@ -238,7 +237,6 @@ const main = async () => {
   app.use("/api/v1/roles", v1RoleRouter);
   app.use("/api/v1/secret-approvals", v1SecretApprovalPolicyRouter);
   app.use("/api/v1/sso", v1SSORouter);
-  app.use("/api/v1/ldap", v1LDAPRouter);
   app.use("/api/v1/secret-approval-requests", v1SecretApprovalRequestRouter);
 
   // v2 routes (improvements)

backend/src/models/user.ts

@@ -7,8 +7,7 @@ export enum AuthMethod {
   GITLAB = "gitlab",
   OKTA_SAML = "okta-saml",
   AZURE_SAML = "azure-saml",
-  JUMPCLOUD_SAML = "jumpcloud-saml",
-  LDAP = "ldap"
+  JUMPCLOUD_SAML = "jumpcloud-saml"
 }
 
 export interface IUser extends Document {
@@ -56,7 +55,7 @@ const userSchema = new Schema<IUser>(
     },
     email: {
       type: String,
-      required: false,
+      required: true,
       unique: true
     },
     firstName: {

backend/src/routes/v1/index.ts

@@ -2,7 +2,6 @@ import signup from "./signup";
 import bot from "./bot";
 import auth from "./auth";
 import universalAuth from "./universalAuth";
-import ldap from "./ldap";
 import user from "./user";
 import userAction from "./userAction";
 import organization from "./organization";
@@ -44,6 +43,5 @@ export {
   webhooks,
   secretImps,
   sso,
-  ldap,
   admin
 };

backend/src/routes/v1/ldap.ts

@@ -1,41 +0,0 @@
-import express from "express";
-const router = express.Router();
-import passport from "passport";
-import { requireAuth } from "../../middleware";
-import { ldapController } from "../../controllers/v1";
-import { AuthMode } from "../../variables";
-
-router.post(
-    "/login",
-    passport.authenticate("ldapauth", {
-        session: false
-    }) as any,
-    ldapController.redirectLDAP
-);
-
-router.get(
-  "/config",
-  requireAuth({
-    acceptedAuthModes: [AuthMode.JWT]
-  }),
-  ldapController.getLDAPConfig
-);
-
-router.post(
-  "/config",
-  requireAuth({
-    acceptedAuthModes: [AuthMode.JWT]
-  }),
-  ldapController.createLDAPConfig
-);
-
-router.patch(
-  "/config",
-  requireAuth({
-    acceptedAuthModes: [AuthMode.JWT]
-  }),
-  ldapController.updateLDAPConfig
-);
-
-
-export default router;

backend/src/types/express/index.d.ts

@@ -40,7 +40,6 @@ declare global {
 			requestData: {
 				[key: string]: string
 			};
-			organizationId: string;
 		}
 	}
 }

backend/src/utils/authn/passport/index.ts

@@ -2,4 +2,3 @@ export { initializeGoogleStrategy } from "./google";
 export { initializeGitHubStrategy } from "./github";
 export { initializeGitLabStrategy } from "./gitlab";
 export { initializeSamlStrategy } from "./saml";
-export { initializeLdapStrategy } from "./ldap";

backend/src/utils/authn/passport/ldap.ts

@@ -1,141 +0,0 @@
-import { Types } from "mongoose";
-import {
-    AuthMethod,
-    MembershipOrg,
-    Organization,
-    User
-} from "../../../models";
-import passport from "passport";
-import { OrganizationNotFoundError } from "../../errors";
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const LdapStrategy = require("passport-ldapauth");
-import { getAuthSecret, getJwtProviderAuthLifetime } from "../../../config";
-import { createToken } from "../../../helpers/auth";
-import {
-    ACCEPTED, 
-    AuthTokenType,
-    MEMBER
-} from "../../../variables";
-import { getLdapConfigHelper } from "../../../ee/helpers/organizations";
-
-const getLDAPConfiguration = (req: any, callback: any) => {
-    const {
-        organizationId
-    } = req.body as {
-        organizationId: string;
-    };
-    
-    req.organizationId = organizationId;
-    
-    const boot = async () => {
-        const ldapConfig = await getLdapConfigHelper({
-            organizationId: new Types.ObjectId(organizationId)
-        });
-        
-        // example
-        // var opts = {
-        //     server: {
-        //         // url: 'ldaps://openldap:636', // connection over SSL/TLS
-        //         url: 'ldap://openldap:389',
-        //         bindDN: 'cn=admin,dc=acme,dc=com',
-        //         bindCredentials: 'admin',
-        //         searchBase: 'ou=people,dc=acme,dc=com',
-        //         searchFilter: '(uid={{username}})',
-        //         searchAttributes: ['uid', 'givenName', 'sn'], // optional, defaults to all (get username too)
-        //         // tlsOptions: {
-        //         //     ca: [caCert]
-        //         // }
-        //     },
-        //     passReqToCallback: true
-        // };
-
-        const opts = {
-            server: {
-                url: ldapConfig.url,
-                bindDN: ldapConfig.bindDN,
-                bindCredentials: ldapConfig.bindPass,
-                searchBase: ldapConfig.searchBase,
-                searchFilter: "(uid={{username}})",
-                searchAttributes: ["uid", "givenName", "sn"],
-                ...(ldapConfig.caCert !== "" ? {
-                        tlsOptions: {
-                            ca: [ldapConfig.caCert]
-                        }
-                    } : {}
-                )
-            },
-            passReqToCallback: true
-        };
-        
-        callback(null, opts);
-    }
-    
-    process.nextTick(async () => {
-        await boot();
-    });
-};
-
-export const initializeLdapStrategy = async () => {
-    passport.use(new LdapStrategy(getLDAPConfiguration,
-        async (req: any, user: any, done: any) => {
-            
-            const organization = await Organization.findById(req.organizationId);
-            if (!organization) return done(OrganizationNotFoundError());
-            
-            const ldapUsername = user.uid;
-            const firstName = user.givenName;
-            const lastName = user.sn;
-            const ldapEmail = `ldap-${ldapUsername}-${organization._id.toString()}@ldap.com`;
-
-            try {
-                let user = await User.findOne({
-                    email: ldapEmail
-                }).select("+publicKey");
-                
-                if (!user) {
-                    user = await new User({
-                        email: ldapEmail,
-                        authMethods: [AuthMethod.LDAP],
-                        firstName,
-                        lastName,
-                        organization
-                    }).save();
-                    
-                    await new MembershipOrg({
-                        user: user._id,
-                        organization: organization._id,
-                        role: MEMBER,
-                        status: ACCEPTED
-                    }).save();
-                }
-                
-                const isUserCompleted = !!user.publicKey;
-                const providerAuthToken = createToken({
-                    payload: {
-                    authTokenType: AuthTokenType.PROVIDER_TOKEN,
-                    userId: user._id.toString(),
-                    email: user.email,
-                    firstName,
-                    lastName,
-                    organizationName: organization?.name,
-                    organizationId: organization?._id,
-                    authMethod: AuthMethod.LDAP,
-                    isUserCompleted,
-                    ...(req.body.RelayState ? {
-                        callbackPort: JSON.parse(req.body.RelayState).callbackPort as string
-                    } : {})
-                    },
-                    expiresIn: await getJwtProviderAuthLifetime(),
-                    secret: await getAuthSecret(),
-                });
-                
-                req.isUserCompleted = isUserCompleted;
-                req.providerAuthToken = providerAuthToken;
-                
-                return done(null, user);
-            } catch (err) {
-                return done(null, false);
-            }
-        }
-    ));
-}

backend/src/utils/setup/index.ts

@@ -30,7 +30,6 @@ import {
   initializeGitHubStrategy,
   initializeGitLabStrategy,
   initializeGoogleStrategy,
-  initializeLdapStrategy,
   initializeSamlStrategy
 } from "../authn/passport";
 import { logger } from "../logging";
@@ -68,7 +67,6 @@ export const setup = async () => {
   await initializeGitHubStrategy();
   await initializeGitLabStrategy();
   await initializeSamlStrategy();
-  await initializeLdapStrategy();
 
   // re-encrypt any data previously encrypted under server hex 128-bit ENCRYPTION_KEY
   // to base64 256-bit ROOT_ENCRYPTION_KEY

backend/src/validation/index.ts

@@ -10,4 +10,3 @@ export * from "./secrets";
 export * from "./serviceTokenData";
 export * from "./identities";
 export * from "./apiKeyDataV3";
-export * from "./ldap";

backend/src/validation/ldap.ts

@@ -1,29 +0,0 @@
-import { z } from "zod";
-
-export const GetLdapConfigv1 = z.object({
-    query: z.object({ organizationId: z.string().trim() })
-});
-
-export const CreateLdapConfigv1 = z.object({
-    body: z.object({
-        organizationId: z.string().trim(),
-        isActive: z.boolean(),
-        url: z.string().trim(),
-        bindDN: z.string().trim(),
-        bindPass: z.string().trim(),
-        searchBase: z.string().trim(),
-        caCert: z.string().trim().default("")
-    })
-});
-
-export const UpdateLdapConfigv1 = z.object({
-    body: z.object({
-        organizationId: z.string().trim(),
-        isActive: z.boolean().optional(),
-        url: z.string().trim().optional(),
-        bindDN: z.string().trim().optional(),
-        bindPass: z.string().trim().optional(),
-        searchBase: z.string().trim().optional(),
-        caCert: z.string().trim().optional()
-    })
-});

cli/packages/cmd/agent.go

@@ -498,7 +498,7 @@ var agentCmd = &cobra.Command{
 
 		agentConfigInBase64 := os.Getenv("INFISICAL_AGENT_CONFIG_BASE64")
 
-		if agentConfigInBase64 == "" {
+		if configPath != "" {
 			data, err := ioutil.ReadFile(configPath)
 			if err != nil {
 				if !FileExists(configPath) {
@@ -506,6 +506,7 @@ var agentCmd = &cobra.Command{
 					return
 				}
 			}
+
 			agentConfigInBytes = data
 		}
 

cli/packages/cmd/export.go

@@ -74,7 +74,7 @@ var exportCmd = &cobra.Command{
 			util.HandleError(err, "Unable to parse flag")
 		}
 
-		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, WorkspaceId: projectId, SecretsPath: secretsPath}, "")
+		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, WorkspaceId: projectId, SecretsPath: secretsPath})
 		if err != nil {
 			util.HandleError(err, "Unable to fetch secrets")
 		}
@@ -87,7 +87,7 @@ var exportCmd = &cobra.Command{
 
 		var output string
 		if shouldExpandSecrets {
-			substitutions := util.ExpandSecrets(secrets, infisicalToken, "")
+			substitutions := util.ExpandSecrets(secrets, infisicalToken)
 			output, err = formatEnvs(substitutions, format)
 			if err != nil {
 				util.HandleError(err)

cli/packages/cmd/run.go

@@ -67,11 +67,6 @@ var runCmd = &cobra.Command{
 			util.HandleError(err, "Unable to parse flag")
 		}
 
-		projectConfigDir, err := cmd.Flags().GetString("project-config-dir")
-		if err != nil {
-			util.HandleError(err, "Unable to parse flag")
-		}
-
 		secretOverriding, err := cmd.Flags().GetBool("secret-overriding")
 		if err != nil {
 			util.HandleError(err, "Unable to parse flag")
@@ -97,7 +92,7 @@ var runCmd = &cobra.Command{
 			util.HandleError(err, "Unable to parse flag")
 		}
 
-		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports}, projectConfigDir)
+		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports})
 
 		if err != nil {
 			util.HandleError(err, "Could not fetch secrets", "If you are using a service token to fetch secrets, please ensure it is valid")
@@ -110,7 +105,7 @@ var runCmd = &cobra.Command{
 		}
 
 		if shouldExpandSecrets {
-			secrets = util.ExpandSecrets(secrets, infisicalToken, projectConfigDir)
+			secrets = util.ExpandSecrets(secrets, infisicalToken)
 		}
 
 		secretsByKey := getSecretsByKeys(secrets)
@@ -203,7 +198,6 @@ func init() {
 	runCmd.Flags().StringP("command", "c", "", "chained commands to execute (e.g. \"npm install && npm run dev; echo ...\")")
 	runCmd.Flags().StringP("tags", "t", "", "filter secrets by tag slugs ")
 	runCmd.Flags().String("path", "/", "get secrets within a folder path")
-	runCmd.Flags().String("project-config-dir", "", "explicitly set the directory where the .infisical.json resides")
 }
 
 // Will execute a single command and pass in the given secrets into the process

cli/packages/cmd/secrets.go

@@ -68,7 +68,7 @@ var secretsCmd = &cobra.Command{
 			util.HandleError(err, "Unable to parse flag")
 		}
 
-		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports}, "")
+		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports})
 		if err != nil {
 			util.HandleError(err)
 		}
@@ -80,7 +80,7 @@ var secretsCmd = &cobra.Command{
 		}
 
 		if shouldExpandSecrets {
-			secrets = util.ExpandSecrets(secrets, infisicalToken, "")
+			secrets = util.ExpandSecrets(secrets, infisicalToken)
 		}
 
 		visualize.PrintAllSecretDetails(secrets)
@@ -169,7 +169,7 @@ var secretsSetCmd = &cobra.Command{
 		plainTextEncryptionKey := crypto.DecryptAsymmetric(encryptedWorkspaceKey, encryptedWorkspaceKeyNonce, encryptedWorkspaceKeySenderPublicKey, currentUsersPrivateKey)
 
 		// pull current secrets
-		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, SecretsPath: secretsPath}, "")
+		secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, SecretsPath: secretsPath})
 		if err != nil {
 			util.HandleError(err, "unable to retrieve secrets")
 		}
@@ -406,7 +406,7 @@ func getSecretsByNames(cmd *cobra.Command, args []string) {
 		util.HandleError(err, "Unable to parse path flag")
 	}
 
-	secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath}, "")
+	secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath})
 	if err != nil {
 		util.HandleError(err, "To fetch all secrets")
 	}
@@ -455,7 +455,7 @@ func generateExampleEnv(cmd *cobra.Command, args []string) {
 		util.HandleError(err, "Unable to parse flag")
 	}
 
-	secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath}, "")
+	secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath})
 	if err != nil {
 		util.HandleError(err, "To fetch all secrets")
 	}

cli/packages/util/config.go

@@ -113,28 +113,6 @@ func GetWorkSpaceFromFile() (models.WorkspaceConfigFile, error) {
 	return workspaceConfigFile, nil
 }
 
-func GetWorkSpaceFromFilePath(configFileDir string) (models.WorkspaceConfigFile, error) {
-	configFilePath := filepath.Join(configFileDir, ".infisical.json")
-
-	_, configFileStatusError := os.Stat(configFilePath)
-	if os.IsNotExist(configFileStatusError) {
-		return models.WorkspaceConfigFile{}, fmt.Errorf("file %s does not exist", configFilePath)
-	}
-
-	configFileAsBytes, err := os.ReadFile(configFilePath)
-	if err != nil {
-		return models.WorkspaceConfigFile{}, err
-	}
-
-	var workspaceConfigFile models.WorkspaceConfigFile
-	err = json.Unmarshal(configFileAsBytes, &workspaceConfigFile)
-	if err != nil {
-		return models.WorkspaceConfigFile{}, err
-	}
-
-	return workspaceConfigFile, nil
-}
-
 // FindWorkspaceConfigFile searches for a .infisical.json file in the current directory and all parent directories.
 func FindWorkspaceConfigFile() (string, error) {
 	dir, err := os.Getwd()

cli/packages/util/helper.go

@@ -105,17 +105,6 @@ func RequireLocalWorkspaceFile() {
 	}
 }
 
-func ValidateWorkspaceFile(projectConfigFilePath string) {
-	workspaceFilePath, err := GetWorkSpaceFromFilePath(projectConfigFilePath)
-	if err != nil {
-		PrintErrorMessageAndExit(fmt.Sprintf("error reading your project config %v", err))
-	}
-
-	if workspaceFilePath.WorkspaceId == "" {
-		PrintErrorMessageAndExit("Your project id is missing in your local config file. Please add it or run again [infisical init]")
-	}
-}
-
 func GetHashFromStringList(list []string) string {
 	hash := sha256.New()
 

cli/packages/util/secrets.go

@@ -220,7 +220,7 @@ func InjectImportedSecret(plainTextWorkspaceKey []byte, secrets []models.SingleE
 	return secrets, nil
 }
 
-func GetAllEnvironmentVariables(params models.GetAllSecretsParameters, projectConfigFilePath string) ([]models.SingleEnvironmentVariable, error) {
+func GetAllEnvironmentVariables(params models.GetAllSecretsParameters) ([]models.SingleEnvironmentVariable, error) {
 	var infisicalToken string
 	if params.InfisicalToken == "" {
 		infisicalToken = os.Getenv(INFISICAL_TOKEN_NAME)
@@ -236,13 +236,7 @@ func GetAllEnvironmentVariables(params models.GetAllSecretsParameters, projectCo
 	if infisicalToken == "" {
 		if isConnected {
 			log.Debug().Msg("GetAllEnvironmentVariables: Connected to internet, checking logged in creds")
-
-			if projectConfigFilePath == "" {
-				RequireLocalWorkspaceFile()
-			} else {
-				ValidateWorkspaceFile(projectConfigFilePath)
-			}
-
+			RequireLocalWorkspaceFile()
 			RequireLogin()
 		}
 
@@ -257,26 +251,13 @@ func GetAllEnvironmentVariables(params models.GetAllSecretsParameters, projectCo
 			PrintErrorMessageAndExit("Your login session has expired, please run [infisical login] and try again")
 		}
 
-		var infisicalDotJson models.WorkspaceConfigFile
-
-		if projectConfigFilePath == "" {
-			projectConfig, err := GetWorkSpaceFromFile()
-			if err != nil {
-				return nil, err
-			}
-
-			infisicalDotJson = projectConfig
-		} else {
-			projectConfig, err := GetWorkSpaceFromFilePath(projectConfigFilePath)
-			if err != nil {
-				return nil, err
-			}
-
-			infisicalDotJson = projectConfig
+		workspaceFile, err := GetWorkSpaceFromFile()
+		if err != nil {
+			return nil, err
 		}
 
 		if params.WorkspaceId != "" {
-			infisicalDotJson.WorkspaceId = params.WorkspaceId
+			workspaceFile.WorkspaceId = params.WorkspaceId
 		}
 
 		// // Verify environment
@@ -285,18 +266,18 @@ func GetAllEnvironmentVariables(params models.GetAllSecretsParameters, projectCo
 		// 	return nil, fmt.Errorf("unable to validate environment name because [err=%s]", err)
 		// }
 
-		secretsToReturn, errorToReturn = GetPlainTextSecretsViaJTW(loggedInUserDetails.UserCredentials.JTWToken, loggedInUserDetails.UserCredentials.PrivateKey, infisicalDotJson.WorkspaceId,
+		secretsToReturn, errorToReturn = GetPlainTextSecretsViaJTW(loggedInUserDetails.UserCredentials.JTWToken, loggedInUserDetails.UserCredentials.PrivateKey, workspaceFile.WorkspaceId,
 			params.Environment, params.TagSlugs, params.SecretsPath, params.IncludeImport)
 		log.Debug().Msgf("GetAllEnvironmentVariables: Trying to fetch secrets JTW token [err=%s]", errorToReturn)
 
 		backupSecretsEncryptionKey := []byte(loggedInUserDetails.UserCredentials.PrivateKey)[0:32]
 		if errorToReturn == nil {
-			WriteBackupSecrets(infisicalDotJson.WorkspaceId, params.Environment, backupSecretsEncryptionKey, secretsToReturn)
+			WriteBackupSecrets(workspaceFile.WorkspaceId, params.Environment, backupSecretsEncryptionKey, secretsToReturn)
 		}
 
 		// only attempt to serve cached secrets if no internet connection and if at least one secret cached
 		if !isConnected {
-			backedSecrets, err := ReadBackupSecrets(infisicalDotJson.WorkspaceId, params.Environment, backupSecretsEncryptionKey)
+			backedSecrets, err := ReadBackupSecrets(workspaceFile.WorkspaceId, params.Environment, backupSecretsEncryptionKey)
 			if len(backedSecrets) > 0 {
 				PrintWarning("Unable to fetch latest secret(s) due to connection error, serving secrets from last successful fetch. For more info, run with --debug")
 				secretsToReturn = backedSecrets
@@ -440,7 +421,7 @@ func getSecretsByKeys(secrets []models.SingleEnvironmentVariable) map[string]mod
 	return secretMapByName
 }
 
-func ExpandSecrets(secrets []models.SingleEnvironmentVariable, infisicalToken string, projectConfigPathDir string) []models.SingleEnvironmentVariable {
+func ExpandSecrets(secrets []models.SingleEnvironmentVariable, infisicalToken string) []models.SingleEnvironmentVariable {
 	expandedSecs := make(map[string]string)
 	interpolatedSecs := make(map[string]string)
 	// map[env.secret-path][keyname]Secret
@@ -473,7 +454,7 @@ func ExpandSecrets(secrets []models.SingleEnvironmentVariable, infisicalToken st
 
 			if crossRefSec, ok := crossEnvRefSecs[uniqKey]; !ok {
 				// if not in cross reference cache, fetch it from server
-				refSecs, err := GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: env, InfisicalToken: infisicalToken, SecretsPath: secPath}, projectConfigPathDir)
+				refSecs, err := GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: env, InfisicalToken: infisicalToken, SecretsPath: secPath})
 				if err != nil {
 					HandleError(err, fmt.Sprintf("Could not fetch secrets in environment: %s secret-path: %s", env, secPath), "If you are using a service token to fetch secrets, please ensure it is valid")
 				}

docker-compose.dev.yml

@@ -124,43 +124,12 @@ services:
       - "8085:8081"
     networks:
       - infisical-dev
-  
-  openldap: # note: more advanced configuration is available
-    image: osixia/openldap:1.5.0
-    restart: always
-    environment:
-      LDAP_ORGANISATION: Acme
-      LDAP_DOMAIN: acme.com
-      LDAP_ADMIN_PASSWORD: admin
-    ports:
-      - 389:389
-      - 636:636
-    volumes:
-      - ldap_data:/var/lib/ldap
-      - ldap_config:/etc/ldap/slapd.d
-    networks:
-      - infisical-dev
-
-  phpldapadmin: # username: cn=admin,dc=acme,dc=com, pass is admin
-    image: osixia/phpldapadmin:latest
-    restart: always
-    environment:
-      - PHPLDAPADMIN_LDAP_HOSTS=openldap
-      - PHPLDAPADMIN_HTTPS=false
-    ports:
-      - 6433:80
-    depends_on:
-      - openldap
-    networks:
-      - infisical-dev
 
 volumes:
   mongo-data:
     driver: local
   redis_data:
     driver: local
-  ldap_data:
-  ldap_config:
 
 networks:
   infisical-dev:

docs/cli/commands/run.mdx

@@ -62,16 +62,6 @@ Inject secrets from Infisical into your application process.
   </Accordion>
 
   ### Flags 
-  
-   <Accordion title="--project-config-dir">
-    Explicitly set the directory where the .infisical.json resides. This is useful for some monorepo setups. 
-
-    ```bash
-    # Example 
-    infisical run --project-config-dir=/some-dir -- printenv
-    ```
-  </Accordion>
-
   <Accordion title="--command">
     Pass secrets into multiple commands at once
 

docs/documentation/platform/project.mdx

@@ -89,10 +89,6 @@ Then:
 - If user A fetches the secret D back, they get the value F.
 - If users B and C fetch the secret D back, they both get the value E.
 
-<Info>
-    Please keep in mind that secret reminders won't work with personal overrides.
-</Info>
-
 ![project override secret](../../images/platform/project/project-secrets-override.png)
 
 ### Drawer

docs/documentation/platform/sso/overview.mdx

@@ -7,8 +7,9 @@ description: "Log in to Infisical via SSO protocols"
   Infisical offers Google SSO and GitHub SSO for free across both Infisical Cloud and Infisical Self-hosted.
   
   Infisical also offers SAML SSO authentication but as paid features that can be unlocked on Infisical Cloud's **Pro** tier
-  or via enterprise license on self-hosted instances of Infisical. On this front, we support industry-leading providers including 
-  Okta, Azure AD, and JumpCloud; with any questions, please reach out to [sales@infisical.com](mailto:sales@infisical.com).
+  or via enterprise license on self-hosted instances of Infisical. On this front, we currently support Okta, Azure AD, and JumpCloud and
+  are expanding support for other IdPs in the coming months; stay tuned and feel free to request a IdP at this
+  [issue](https://github.com/Infisical/infisical/issues/442).
 </Warning>
 
 You can configure your organization in Infisical to have members authenticate with the platform via protocols like [SAML 2.0](https://en.wikipedia.org/wiki/SAML_2.0).
@@ -21,4 +22,4 @@ your IdP cannot and will not have access to the decryption key needed to decrypt
 - [GitLab SSO](/documentation/platform/sso/gitlab)
 - [Okta SAML](/documentation/platform/sso/okta)
 - [Azure SAML](/documentation/platform/sso/azure)
-- [JumpCloud SAML](/documentation/platform/sso/jumpcloud)
+- [JumpCloud SAML](/documentation/platform/sso/jumpcloud)

docs/sdks/languages/csharp.mdx

@@ -1,394 +0,0 @@
----
-title: "Infisical .NET SDK"
-icon: "C#"
----
-
-If you're working with C#, the official [Infisical C# SDK](https://github.com/Infisical/sdk/tree/main/languages/csharp) package is the easiest way to fetch and work with secrets for your application.
-
-- [Nuget Package](https://www.nuget.org/packages/Infisical.Sdk)
-- [Github Repository](https://github.com/Infisical/sdk/tree/main/languages/csharp)
-
-## Basic Usage
-
-```cs
-using Infisical.Sdk;
-
-namespace Example
-{
-    class Program
-    {
-        static void Main(string[] args)
-        {
-
-            var settings = new ClientSettings
-            {
-                ClientId = "CLIENT_ID",
-                ClientSecret = "CLIENT_SECRET",
-                // SiteUrl = "http://localhost:8080", <-- This line can be omitted if you're using Infisical Cloud.
-            };
-            var infisical = new InfisicalClient(settings);
-
-            var options = new GetSecretOptions
-            {
-                SecretName = "TEST",
-                ProjectId = "PROJECT_ID",
-                Environment = "dev",
-            };
-            var secret = infisical.GetSecret(options);
-
-
-            Console.WriteLine($"The value of secret '{secret.SecretKey}', is: {secret.SecretValue}");
-        }
-    }
-}
-```
-
-This example demonstrates how to use the Infisical C# SDK in a C# application. The application retrieves a secret named `TEST` from the `dev` environment of the `PROJECT_ID` project.
-
-<Warning>
-    We do not recommend hardcoding your [Machine Identity Tokens](/platform/identities/overview). Setting it as an environment variable would be best.
-</Warning>
-
-# Installation
-
-Run `npm` to add `@infisical/sdk` to your project.
-
-```console
-$ dotnet add package Infisical.Sdk
-```
-# Configuration
-
-Import the SDK and create a client instance with your [Machine Identity](/platform/identities/universal-auth).
-
-```cs
-using Infisical.Sdk;
-
-namespace Example
-{
-    class Program
-    {
-        static void Main(string[] args)
-        {
-
-            var settings = new ClientSettings
-            {
-                ClientId = "CLIENT_ID",
-                ClientSecret = "CLIENT_SECRET",
-            };
-
-            var infisical = new InfisicalClient(settings); // <-- Your SDK instance!
-        }
-    }
-}
-```
-
-### ClientSettings methods
-
-<ParamField query="options" type="object">
-    <Expandable title="properties">
-        <ParamField query="ClientId" type="string" optional>
-            Your machine identity client ID.
-        </ParamField>
-          <ParamField query="ClientSecret" type="string" optional>
-            Your machine identity client secret.
-        </ParamField>
-
-         <ParamField query="AccessToken" type="string" optional>
-            An access token obtained from the machine identity login endpoint.
-        </ParamField>
-
-        <ParamField query="CacheTtl" type="number" default="300" optional>
-            Time-to-live (in seconds) for refreshing cached secrets.
-            If manually set to 0, caching will be disabled, this is not recommended.
-        </ParamField>
-
-        <ParamField query="SiteUrl()" type="string" default="https://app.infisical.com" optional>
-            Your self-hosted absolute site URL including the protocol (e.g. `https://app.infisical.com`)
-        </ParamField>
-    </Expandable>
-
-</ParamField>
-
-### Caching
-
-To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it's first fetched. Each time it's fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the "cacheTTL" option when creating the client.
-
-## Working with Secrets
-
-### client.ListSecrets(options)
-
-```cs
-var options = new ListSecretsOptions
-{
-    ProjectId = "PROJECT_ID",
-    Environment = "dev",
-    Path = "/foo/bar",
-    AttachToProcessEnv = false,
-};
-
-var secrets = infisical.ListSecrets(options);
-```
-
-Retrieve all secrets within the Infisical project and environment that client is connected to
-
-#### Parameters
-
-<ParamField query="Parameters" type="object">
-    <Expandable title="properties">
-        <ParamField query="Environment" type="string" required>
-            The slug name (dev, prod, etc) of the environment from where secrets should be fetched from.
-        </ParamField>
-
-        <ParamField query="ProjectId" type="string">
-            The project ID where the secret lives in.
-        </ParamField>
-
-         <ParamField query="Path" type="string" optional>
-            The path from where secrets should be fetched from.
-        </ParamField>
-
-        <ParamField query="AttachToProcessEnv" type="boolean" default="false" optional>
-             Whether or not to set the fetched secrets to the process environment. If true, you can access the secrets like so `System.getenv("SECRET_NAME")`.
-        </ParamField>
-
-        <ParamField query="IncludeImports" type="boolean" default="false" optional>
-             Whether or not to include imported secrets from the current path. Read about [secret import](/documentation/platform/secret-reference)
-        </ParamField>
-    </Expandable>
-
-</ParamField>
-
-### client.GetSecret(options)
-
-```cs
-var options = new GetSecretOptions
-    {
-        SecretName = "AAAA",
-        ProjectId = "659c781eb2d4fe3e307b77bd",
-        Environment = "dev",
-    };
-var secret = infisical.GetSecret(options);
-```
-
-Retrieve a secret from Infisical.
-
-By default, `GetSecret()` fetches and returns a shared secret.
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" optional>
-    <Expandable title="properties">
-        <ParamField query="SecretName" type="string" required>
-            The key of the secret to retrieve.
-        </ParamField>
-        <ParamField query="ProjectId" type="string" required>
-            The project ID where the secret lives in.
-        </ParamField>
-        <ParamField query="Environment" type="string" required>
-            The slug name (dev, prod, etc) of the environment from where secrets should be fetched from.
-        </ParamField>
-        <ParamField query="Path" type="string" optional>
-            The path from where secret should be fetched from.
-        </ParamField>
-        <ParamField query="Type" type="string" optional>
-            The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-### client.CreateSecret(options)
-
-```cs
-var options = new CreateSecretOptions {
-    Environment = "dev",
-    ProjectId = "PROJECT_ID",
-
-    SecretName = "NEW_SECRET",
-    SecretValue = "NEW_SECRET_VALUE",
-    SecretComment = "This is a new secret",
-};
-
-var newSecret = infisical.CreateSecret(options);
-```
-
-Create a new secret in Infisical.
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" optional>
-    <Expandable title="properties">
-        <ParamField query="SecretName" type="string" required>
-            The key of the secret to create.
-        </ParamField>
-        <ParamField query="SecretValue" type="string" required>
-            The value of the secret.
-        </ParamField>
-        <ParamField query="ProjectId" type="string" required>
-            The project ID where the secret lives in.
-        </ParamField>
-        <ParamField query="Environment" type="string" required>
-            The slug name (dev, prod, etc) of the environment from where secrets should be fetched from.
-        </ParamField>
-        <ParamField query="Path" type="string" optional>
-            The path from where secret should be created.
-        </ParamField>
-        <ParamField query="Type" type="string" optional>
-            The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-### client.UpdateSecret(options)
-
-```cs
-var options = new UpdateSecretOptions {
-    Environment = "dev",
-    ProjectId = "PROJECT_ID",
-
-    SecretName = "SECRET_TO_UPDATE",
-    SecretValue = "NEW VALUE"
-};
-
-var updatedSecret = infisical.UpdateSecret(options);
-```
-
-Update an existing secret in Infisical.
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" optional>
-    <Expandable title="properties">
-        <ParamField query="SecretName" type="string" required>
-            The key of the secret to update.
-        </ParamField>
-        <ParamField query="SecretValue" type="string" required>
-            The new value of the secret.
-        </ParamField>
-        <ParamField query="ProjectId" type="string" required>
-            The project ID where the secret lives in.
-        </ParamField>
-        <ParamField query="Environment" type="string" required>
-            The slug name (dev, prod, etc) of the environment from where secrets should be fetched from.
-        </ParamField>
-        <ParamField query="Path" type="string" optional>
-            The path from where secret should be updated.
-        </ParamField>
-        <ParamField query="Type" type="string" optional>
-            The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-### client.DeleteSecret(options)
-
-```cs
-var options = new DeleteSecretOptions
-{
-    Environment = "dev",
-    ProjectId = "PROJECT_ID",
-    SecretName = "NEW_SECRET",
-};
-
-var deletedSecret = infisical.DeleteSecret(options);
-```
-
-Delete a secret in Infisical.
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" optional>
-    <Expandable title="properties">
-        <ParamField query="SecretName" type="string">
-            The key of the secret to update.
-        </ParamField>
-        <ParamField query="ProjectId" type="string" required>
-            The project ID where the secret lives in.
-        </ParamField>
-        <ParamField query="Environment" type="string" required>
-            The slug name (dev, prod, etc) of the environment from where secrets should be fetched from.
-        </ParamField>
-        <ParamField query="Path" type="string" optional>
-            The path from where secret should be deleted.
-        </ParamField>
-        <ParamField query="Type" type="string" optional>
-            The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-## Cryptography
-
-### Create a symmetric key
-
-Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
-
-```cs
-var key = infisical.CreateSymmetricKey();
-```
-
-#### Returns (string)
-`key` (string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
-
-### Encrypt symmetric
-```cs
-var options = new EncryptSymmetricOptions
-{
-    Plaintext = "Infisical is awesome!",
-    Key = key,
-};
-
-var encryptedData = infisical.EncryptSymmetric(options);
-```
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="Plaintext" type="string">
-            The plaintext you want to encrypt.
-        </ParamField>
-        <ParamField query="Key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (object)
-`Tag` (string): A base64-encoded, 128-bit authentication tag.
-`Iv` (string): A base64-encoded, 96-bit initialization vector.
-`CipherText` (string): A base64-encoded, encrypted ciphertext.
-
-### Decrypt symmetric
-```cs
-var decryptOptions = new DecryptSymmetricOptions
-{
-    Key = key,
-    Ciphertext = encryptedData.Ciphertext,
-    Iv = encryptedData.Iv,
-    Tag = encryptedData.Tag,
-};
-
-var decryptedPlaintext = infisical.DecryptSymmetric(decryptOptions);
-```
-
-#### Parameters
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="Ciphertext" type="string">
-            The ciphertext you want to decrypt.
-        </ParamField>
-        <ParamField query="Key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-        <ParamField query="Iv" type="string" required>
-            The initialization vector to use for decryption.
-        </ParamField>
-        <ParamField query="Tag" type="string" required>
-            The authentication tag to use for decryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (string)
-`Plaintext` (string): The decrypted plaintext.
-

docs/sdks/languages/go.mdx

@@ -0,0 +1,8 @@
+---
+title: "Go"
+icon: "golang"
+---
+
+Coming soon.
+
+Star our GitHub repository to stay updated [cross-language SDK](https://github.com/Infisical/sdk) GitHub repository to stay updated.

docs/sdks/languages/java.mdx

@@ -1,13 +1,10 @@
 ---
-title: "Infisical Java SDK"
+title: "Java"
 icon: "java"
 ---
 
 If you're working with Java, the official [Infisical Java SDK](https://github.com/Infisical/sdk/tree/main/languages/java) package is the easiest way to fetch and work with secrets for your application.
 
-- [Maven Package](https://github.com/Infisical/sdk/packages/2019741)
-- [Github Repository](https://github.com/Infisical/sdk/tree/main/languages/java)
-
 ## Basic Usage
 
 ```java
@@ -124,7 +121,7 @@ SecretElement[] secrets = client.listSecrets(options);
 
 Retrieve all secrets within the Infisical project and environment that client is connected to
 
-#### Methods
+### Methods
 
 <ParamField query="Parameters" type="object">
     <Expandable title="properties">
@@ -168,7 +165,7 @@ Retrieve a secret from Infisical.
 
 By default, `getSecret()` fetches and returns a shared secret.
 
-#### Methods
+### Methods
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -206,7 +203,7 @@ CreateSecretResponseSecret newSecret = client.createSecret(createOptions);
 
 Create a new secret in Infisical.
 
-#### Methods
+### Methods
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -248,7 +245,7 @@ UpdateSecretResponseSecret updatedSecret = client.updateSecret(options);
 
 Update an existing secret in Infisical.
 
-#### Methods
+### Methods
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -289,7 +286,7 @@ DeleteSecretResponseSecret deletedSecret = client.deleteSecret(options);
 
 Delete a secret in Infisical.
 
-#### Methods
+### Methods
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -310,76 +307,3 @@ Delete a secret in Infisical.
         </ParamField>
     </Expandable>
 </ParamField>
-
-## Cryptography
-
-### Create a symmetric key
-
-Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
-
-```java
-String key = client.createSymmetricKey();
-```
-
-#### Returns (string)
-`key` (string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
-
-### Encrypt symmetric
-```java
-EncryptSymmetricOptions options = new EncryptSymmetricOptions();
-options.setKey(key);
-options.setPlaintext("Infisical is awesome!");
-
-EncryptSymmetricResponse encryptedData = client.encryptSymmetric(options);
-```
-
-#### Methods
-
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="setPlaintext()" type="string">
-            The plaintext you want to encrypt.
-        </ParamField>
-        <ParamField query="setKey()" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (object)
-`tag (getTag())` (string): A base64-encoded, 128-bit authentication tag.
-`iv (getIv())` (string): A base64-encoded, 96-bit initialization vector.
-`ciphertext (getCipherText())` (string): A base64-encoded, encrypted ciphertext.
-
-
-### Decrypt symmetric
-```java
-DecryptSymmetricOptions decryptOptions = new DecryptSymmetricOptions();
-decryptOptions.setKey(key);
-decryptOptions.setCiphertext(encryptedData.getCiphertext());
-decryptOptions.setIv(encryptedData.getIv());
-decryptOptions.setTag(encryptedData.getTag());
-
-String decryptedString = client.decryptSymmetric(decryptOptions);
-```
-
-#### Methods
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="setCiphertext()" type="string">
-            The ciphertext you want to decrypt.
-        </ParamField>
-        <ParamField query="setKey()" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-        <ParamField query="setIv()" type="string" required>
-            The initialization vector to use for decryption.
-        </ParamField>
-        <ParamField query="setTag()" type="string" required>
-            The authentication tag to use for decryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (string)
-`Plaintext` (string): The decrypted plaintext.

docs/sdks/languages/node.mdx

@@ -1,13 +1,10 @@
 ---
-title: "Infisical Node.js SDK"
+title: "Node"
 icon: "node"
 ---
 
 If you're working with Node.js, the official [infisical-node](https://github.com/Infisical/sdk/tree/main/languages/node) package is the easiest way to fetch and work with secrets for your application.
 
-- [NPM Package](https://www.npmjs.com/package/@infisical/sdk)
-- [Github Repository](https://github.com/Infisical/sdk/tree/main/languages/node)
-
 ## Basic Usage
 
 ```js
@@ -87,12 +84,12 @@ Import the SDK and create a client instance with your [Machine Identity](/docume
         clientSecret: "YOUR_CLIENT_SECRET",
         logLevel: LogLevel.Error
     });
-    ```
+    ````
 
   </Tab>
 </Tabs>
 
-#### Parameters
+### Parameters
 
 <ParamField query="options" type="object">
     <Expandable title="properties">
@@ -141,7 +138,7 @@ const secrets = await client.listSecrets({
 
 Retrieve all secrets within the Infisical project and environment that client is connected to
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object">
     <Expandable title="properties">
@@ -183,7 +180,7 @@ Retrieve a secret from Infisical.
 
 By default, `getSecret()` fetches and returns a shared secret.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -258,7 +255,7 @@ const updatedApiKey = await client.updateSecret({
 
 Update an existing secret in Infisical.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -318,73 +315,3 @@ Delete a secret in Infisical.
         </ParamField>
     </Expandable>
 </ParamField>
-
-## Cryptography
-
-### Create a symmetric key
-
-Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
-
-```js
-const key = client.createSymmetricKey();
-```
-
-#### Returns (string)
-`key` (string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
-
-### Encrypt symmetric
-```js
-const { iv, tag, ciphertext } = await client.encryptSymmetric({
-    key: key,
-    plaintext: "Infisical is awesome!",
-})
-```
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="plaintext" type="string">
-            The plaintext you want to encrypt.
-        </ParamField>
-        <ParamField query="key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (object)
-`tag` (string): A base64-encoded, 128-bit authentication tag.
-`iv` (string): A base64-encoded, 96-bit initialization vector.
-`ciphertext` (string): A base64-encoded, encrypted ciphertext.
-
-### Decrypt symmetric
-```js
-const decryptedString = await client.decryptSymmetric({
-    key: key,
-    iv: iv,
-    tag: tag,
-    ciphertext: ciphertext,
-});
-```
-
-#### Parameters
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="ciphertext" type="string">
-            The ciphertext you want to decrypt.
-        </ParamField>
-        <ParamField query="key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-        <ParamField query="iv" type="string" required>
-            The initialization vector to use for decryption.
-        </ParamField>
-        <ParamField query="tag" type="string" required>
-            The authentication tag to use for decryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (string)
-`plaintext` (string): The decrypted plaintext.

docs/sdks/languages/php.mdx

@@ -0,0 +1,8 @@
+---
+title: "PHP"
+icon: "php"
+---
+
+Coming soon.
+
+Star our GitHub repository to stay updated [cross-language SDK](https://github.com/Infisical/sdk) GitHub repository to stay updated.

docs/sdks/languages/python.mdx

@@ -1,13 +1,10 @@
 ---
-title: "Infisical Python SDK"
+title: "Python"
 icon: "python"
 ---
 
 If you're working with Python, the official [infisical-python](https://github.com/Infisical/sdk/edit/main/crates/infisical-py) package is the easiest way to fetch and work with secrets for your application.
 
-- [PyPi Package](https://pypi.org/project/infisical-python/)
-- [Github Repository](https://github.com/Infisical/sdk/edit/main/crates/infisical-py)
-
 ## Basic Usage
 
 ```py
@@ -63,7 +60,7 @@ client = InfisicalClient(ClientSettings(
 ))
 ```
 
-#### Parameters
+### Parameters
 
 <ParamField query="options" type="object">
     <Expandable title="properties">
@@ -113,7 +110,7 @@ client.listSecrets(options=ListSecretsOptions(
 
 Retrieve all secrets within the Infisical project and environment that client is connected to
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object">
     <Expandable title="properties">
@@ -152,7 +149,7 @@ value = secret.secret_value # get its value
 
 By default, `getSecret()` fetches and returns a shared secret. If not found, it returns a personal secret.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -190,7 +187,7 @@ api_key = client.createSecret(options=CreateSecretOptions(
 
 Create a new secret in Infisical.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -228,7 +225,7 @@ client.updateSecret(options=UpdateSecretOptions(
 
 Update an existing secret in Infisical.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -265,7 +262,7 @@ client.deleteSecret(options=DeleteSecretOptions(
 
 Delete a secret in Infisical.
 
-#### Parameters
+### Parameters
 
 <ParamField query="Parameters" type="object" optional>
     <Expandable title="properties">
@@ -286,79 +283,3 @@ Delete a secret in Infisical.
         </ParamField>
     </Expandable>
 </ParamField>
-
-## Cryptography
-
-### Create a symmetric key
-
-Create a base64-encoded, 256-bit symmetric key to be used for encryption/decryption.
-
-```py
-key = client.createSymmetricKey()
-```
-
-#### Returns (string)
-`key` (string): A base64-encoded, 256-bit symmetric key, that can be used for encryption/decryption purposes.
-
-### Encrypt symmetric
-```py
-encryptOptions = EncryptSymmetricOptions(
-    key=key,
-    plaintext="Infisical is awesome!"
-)
-
-encryptedData = client.encryptSymmetric(encryptOptions)
-```
-
-#### Parameters
-
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="plaintext" type="string">
-            The plaintext you want to encrypt.
-        </ParamField>
-        <ParamField query="key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (object)
-`tag` (string): A base64-encoded, 128-bit authentication tag.
-`iv` (string): A base64-encoded, 96-bit initialization vector.
-`ciphertext` (string): A base64-encoded, encrypted ciphertext.
-
-### Decrypt symmetric
-```py
-decryptOptions = DecryptSymmetricOptions(
-    ciphertext=encryptedData.ciphertext,
-    iv=encryptedData.iv,
-    tag=encryptedData.tag,
-    key=key
-)
-
-decryptedString = client.decryptSymmetric(decryptOptions)
-
-
-```
-
-#### Parameters
-<ParamField query="Parameters" type="object" required>
-    <Expandable title="properties">
-        <ParamField query="ciphertext" type="string">
-            The ciphertext you want to decrypt.
-        </ParamField>
-        <ParamField query="key" type="string" required>
-            The symmetric key to use for encryption.
-        </ParamField>
-        <ParamField query="iv" type="string" required>
-            The initialization vector to use for decryption.
-        </ParamField>
-        <ParamField query="tag" type="string" required>
-            The authentication tag to use for decryption.
-        </ParamField>
-    </Expandable>
-</ParamField>
-
-#### Returns (string)
-`plaintext` (string): The decrypted plaintext.

docs/sdks/languages/ruby.mdx

@@ -0,0 +1,8 @@
+---
+title: "Ruby"
+icon: "gem"
+---
+
+Coming soon.
+
+Star our GitHub repository to stay updated [cross-language SDK](https://github.com/Infisical/sdk) GitHub repository to stay updated.

docs/sdks/languages/rust.mdx

@@ -0,0 +1,8 @@
+---
+title: "Rust"
+icon: "rust"
+---
+
+Coming soon.
+
+Star our GitHub repository to stay updated [cross-language SDK](https://github.com/Infisical/sdk) GitHub repository to stay updated.

docs/sdks/overview.mdx

@@ -18,8 +18,17 @@ From local development to production, Infisical SDKs provide the easiest way for
     <Card href="/sdks/languages/java" title="Java" icon="java" color="#e41f23">
         Manage secrets for your Java application on demand
     </Card>
-    <Card href="/sdks/languages/csharp" title="C#" icon="bars" color="#368833">
-        Manage secrets for your C#/.NET application on demand
+    <Card href="/sdks/languages/ruby" title="Ruby" icon="gem" color="#ac0d01">
+        Manage secrets for your Ruby application on demand
+    </Card>
+    <Card href="/sdks/languages/go" title="Golang" icon="golang" color="#00add8">
+        Manage secrets for your Go application on demand
+    </Card>
+    <Card href="/sdks/languages/rust" title="Rust" icon="rust" color="#cd412b">
+        Manage secrets for your Rust application on demand
+    </Card>
+    <Card href="/sdks/languages/php" title="PHP" icon="php" color="#787cb4">
+        Manage secrets for your PHP application on demand
     </Card>
 </CardGroup>
 

frontend/src/hooks/api/auth/queries.tsx

@@ -14,22 +14,19 @@ import {
   Login1Res,
   Login2DTO,
   Login2Res,
-  LoginLDAPDTO,
-  LoginLDAPRes,
   ResetPasswordDTO,
   SendMfaTokenDTO,
   SRP1DTO,
   SRPR1Res,
   VerifyMfaTokenDTO,
   VerifyMfaTokenRes,
-  VerifySignupInviteDTO,
+  VerifySignupInviteDTO
 } from "./types";
 
 const authKeys = {
   getAuthToken: ["token"] as const
 };
 
-
 export const login1 = async (loginDetails: Login1DTO) => {
   const { data } = await apiRequest.post<Login1Res>("/api/v3/auth/login1", loginDetails);
   return data;
@@ -40,11 +37,6 @@ export const login2 = async (loginDetails: Login2DTO) => {
   return data;
 };
 
-export const loginLDAPRedirect = async (loginLDAPDetails: LoginLDAPDTO) => {
-  const { data } = await apiRequest.post<LoginLDAPRes>("/api/v1/ldap/login", loginLDAPDetails); // return if account is complete or not + provider auth token
-  return data;
-}
-
 export const useLogin1 = () => {
   return useMutation({
     mutationFn: async (details: {

frontend/src/hooks/api/auth/types.ts

@@ -53,16 +53,6 @@ export type Login2Res = {
   tag?: string;
 }
 
-export type LoginLDAPDTO = {
-  organizationId: string;
-  username: string;
-  password: string;
-}
-
-export type LoginLDAPRes = {
-  nextUrl: string;
-}
-
 export type SRP1DTO = {
   clientPublicKey: string;
 }

frontend/src/hooks/api/index.tsx

@@ -8,7 +8,6 @@ export * from "./incidentContacts";
 export * from "./integrationAuth";
 export * from "./integrations";
 export * from "./keys";
-export * from "./ldapConfig";
 export * from "./organization";
 export * from "./roles";
 export * from "./secretApproval";

frontend/src/hooks/api/ldapConfig/index.tsx

@@ -1,5 +0,0 @@
-export {
-    useCreateLDAPConfig,
-    useGetLDAPConfig,
-    useUpdateLDAPConfig
-} from "./queries";

frontend/src/hooks/api/ldapConfig/queries.tsx

@@ -1,103 +0,0 @@
-import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query";
-
-import { apiRequest } from "@app/config/request";
-
-const ldapConfigKeys = {
-  getLDAPConfig: (orgId: string) => [{ orgId }, "organization-ldap"] as const,
-}
-
-export const useGetLDAPConfig = (organizationId: string) => {
-  return useQuery({
-    queryKey: ldapConfigKeys.getLDAPConfig(organizationId),
-    queryFn: async () => {
-      const { data } = await apiRequest.get(
-        `/api/v1/ldap/config?organizationId=${organizationId}`
-      );
-
-      return data;
-    },
-    enabled: true
-  });
-}
-
-export const useCreateLDAPConfig = () => {
-  const queryClient = useQueryClient();
-  return useMutation({
-    mutationFn: async ({
-        organizationId,
-        isActive,
-        url,
-        bindDN,
-        bindPass,
-        searchBase,
-        caCert
-    }: {
-        organizationId: string;
-        isActive: boolean;
-        url: string;
-        bindDN: string;
-        bindPass: string;
-        searchBase: string;
-        caCert?: string;
-    }) => {
-      const { data } = await apiRequest.post(
-        "/api/v1/ldap/config",
-        {
-            organizationId,
-            isActive,
-            url,
-            bindDN,
-            bindPass,
-            searchBase,
-            caCert
-        }
-      );
-      
-      return data;
-    },
-    onSuccess(_, dto) {
-      queryClient.invalidateQueries(ldapConfigKeys.getLDAPConfig(dto.organizationId));
-    }
-  });
-};
-
-export const useUpdateLDAPConfig = () => {
-  const queryClient = useQueryClient();
-  return useMutation({
-    mutationFn: async ({
-        organizationId,
-        isActive,
-        url,
-        bindDN,
-        bindPass,
-        searchBase,
-        caCert
-    }: {
-        organizationId: string;
-        isActive?: boolean;
-        url?: string;
-        bindDN?: string;
-        bindPass?: string;
-        searchBase?: string;
-        caCert?: string;
-    }) => {
-      const { data } = await apiRequest.patch(
-        "/api/v1/ldap/config",
-        {
-            organizationId,
-            isActive,
-            url,
-            bindDN,
-            bindPass,
-            searchBase,
-            caCert
-        }
-      );
-      
-      return data;
-    },
-    onSuccess(_, dto) {
-      queryClient.invalidateQueries(ldapConfigKeys.getLDAPConfig(dto.organizationId));
-    }
-  });
-};

frontend/src/hooks/api/ssoConfig/queries.tsx

@@ -3,7 +3,7 @@ import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query";
 import { apiRequest } from "@app/config/request";
 
 const ssoConfigKeys = {
-  getSSOConfig: (orgId: string) => [{ orgId }, "organization-saml-sso"] as const,
+    getSSOConfig: (orgId: string) => [{ orgId }, "organization-saml-sso"] as const,
 }
 
 export const useGetSSOConfig = (organizationId: string) => {

frontend/src/layouts/AdminLayout/AdminLayout.tsx

@@ -70,7 +70,7 @@ export const AdminLayout = ({ children }: LayoutProps) => {
 
   const { user } = useUser();
   const { subscription } = useSubscription();
-  const { data: updateClosed } = useGetUserAction("september_update_closed");
+  const { data: updateClosed } = useGetUserAction("december_update_closed");
   const infisicalPlatformVersion = process.env.NEXT_PUBLIC_INFISICAL_PLATFORM_VERSION;
 
   const { t } = useTranslation();
@@ -78,7 +78,7 @@ export const AdminLayout = ({ children }: LayoutProps) => {
   const registerUserAction = useRegisterUserAction();
 
   const closeUpdate = async () => {
-    await registerUserAction.mutateAsync("september_update_closed");
+    await registerUserAction.mutateAsync("december_update_closed");
   };
 
   const logout = useLogoutUser();
@@ -182,14 +182,14 @@ export const AdminLayout = ({ children }: LayoutProps) => {
                   } relative z-10 mb-6 flex pb-2 w-52 flex-col items-center justify-start rounded-md border border-mineshaft-600 bg-mineshaft-900 px-3`}
                 >
                   <div className="text-md mt-2 w-full font-semibold text-mineshaft-100">
-                    Infisical September update
+                    Infisical December update
                   </div>
                   <div className="mt-1 mb-1 w-full text-sm font-normal leading-[1.2rem] text-mineshaft-300">
-                    Improved RBAC, new integrations, dashboard remake, and more!
+                    Infisical Agent, new SDKs, Machine Identities, and more!
                   </div>
                   <div className="mt-2 h-[6.77rem] w-full rounded-md border border-mineshaft-700">
                     <Image
-                      src="/images/infisical-update-september-2023.png"
+                      src="/images/infisical-update-december-2023.png"
                       height={319}
                       width={539}
                       alt="kubernetes image"
@@ -205,7 +205,7 @@ export const AdminLayout = ({ children }: LayoutProps) => {
                       Close
                     </button>
                     <a
-                      href="https://infisical.com/blog/infisical-update-september-2023"
+                      href="https://infisical.com/blog/infisical-update-december-2023"
                       target="_blank"
                       rel="noopener noreferrer"
                       className="text-sm font-normal leading-[1.2rem] text-mineshaft-400 duration-200 hover:text-mineshaft-100"

frontend/src/layouts/AppLayout/AppLayout.tsx

@@ -121,7 +121,7 @@ export const AppLayout = ({ children }: LayoutProps) => {
   const { user } = useUser();
   const { subscription } = useSubscription();
   const workspaceId = currentWorkspace?._id || "";
-  const { data: updateClosed } = useGetUserAction("september_update_closed");
+  const { data: updateClosed } = useGetUserAction("december_update_closed");
 
   const { data: secretApprovalReqCount } = useGetSecretApprovalRequestCount({ workspaceId });
 
@@ -153,7 +153,7 @@ export const AppLayout = ({ children }: LayoutProps) => {
   const registerUserAction = useRegisterUserAction();
 
   const closeUpdate = async () => {
-    await registerUserAction.mutateAsync("september_update_closed");
+    await registerUserAction.mutateAsync("december_update_closed");
   };
 
   const logout = useLogoutUser();
@@ -646,14 +646,14 @@ export const AppLayout = ({ children }: LayoutProps) => {
                   } relative z-10 mb-6 flex h-64 w-52 flex-col items-center justify-start rounded-md border border-mineshaft-600 bg-mineshaft-900 px-3`}
                 >
                   <div className="text-md mt-2 w-full font-semibold text-mineshaft-100">
-                    Infisical September update
+                    Infisical December update
                   </div>
                   <div className="mt-1 mb-1 w-full text-sm font-normal leading-[1.2rem] text-mineshaft-300">
-                    Improved RBAC, new integrations, dashboard remake, and more!
+                    Infisical Agent, new SDKs, Machine Identities, and more!
                   </div>
                   <div className="mt-2 h-[6.77rem] w-full rounded-md border border-mineshaft-700">
                     <Image
-                      src="/images/infisical-update-september-2023.png"
+                      src="/images/infisical-update-december-2023.png"
                       height={319}
                       width={539}
                       alt="kubernetes image"
@@ -669,7 +669,7 @@ export const AppLayout = ({ children }: LayoutProps) => {
                       Close
                     </button>
                     <a
-                      href="https://infisical.com/blog/infisical-update-september-2023"
+                      href="https://infisical.com/blog/infisical-update-december-2023"
                       target="_blank"
                       rel="noopener noreferrer"
                       className="text-sm font-normal leading-[1.2rem] text-mineshaft-400 duration-200 hover:text-mineshaft-100"

frontend/src/views/Login/Login.tsx

@@ -7,9 +7,9 @@ import { getAuthToken, isLoggedIn } from "@app/reactQuery";
 
 import { 
     InitialStep,
-    LDAPStep,
     MFAStep,
-    SAMLSSOStep} from "./components";
+    SAMLSSOStep
+} from "./components";
 // import { navigateUserToOrg } from "../../Login.utils";
 import { navigateUserToOrg } from "./Login.utils";
 
@@ -73,10 +73,7 @@ export const Login = () => {
                 return (
                     <SAMLSSOStep setStep={setStep} />
                 );
-            case 3:
-                return (
-                    <LDAPStep setStep={setStep} />
-                );
+            
             default:
                 return <div />;
         }

frontend/src/views/Login/components/InitialStep/InitialStep.tsx

@@ -179,20 +179,7 @@ export const InitialStep = ({ setStep, email, setEmail, password, setPassword }:
           leftIcon={<FontAwesomeIcon icon={faLock} className="mr-2" />}
           className="mx-0 h-10 w-full"
         >
-          Continue with SAML
-        </Button>
-      </div>
-      <div className="mt-2 w-1/4 min-w-[21.2rem] rounded-md text-center md:min-w-[20.1rem] lg:w-1/6">
-        <Button
-          colorSchema="primary"
-          variant="outline_bg"
-          onClick={() => {
-            setStep(3);
-          }}
-          leftIcon={<FontAwesomeIcon icon={faLock} className="mr-2" />}
-          className="mx-0 h-10 w-full"
-        >
-          Continue with LDAP
+          Continue with SSO
         </Button>
       </div>
       <div className="my-4 flex w-1/4 min-w-[20rem] flex-row items-center py-2 lg:w-1/6">

frontend/src/views/Login/components/LDAPStep/LDAPStep.tsx

@@ -1,128 +0,0 @@
-import { useState } from "react";
-import { useTranslation } from "react-i18next";
-
-import { useNotificationContext } from "@app/components/context/Notifications/NotificationProvider";
-import { Button, Input } from "@app/components/v2";
-import { loginLDAPRedirect } from "@app/hooks/api/auth/queries";
-
-type Props = {
-    setStep: (step: number) => void;
-}
-
-export const LDAPStep = ({
-    setStep
-}: Props) => {
-    const { createNotification } = useNotificationContext();
-    const [organizationId, setOrganizationId] = useState("");
-    const [username, setUsername] = useState("");
-    const [password, setPassword] = useState("");
-    
-    const { t } = useTranslation();
-
-    // const queryParams = new URLSearchParams(window.location.search);
-
-    const handleSubmission = async (e:React.FormEvent) => {
-        e.preventDefault()
-        try {
-            const { nextUrl } = await loginLDAPRedirect({
-                organizationId,
-                username,
-                password
-            });
-            
-            createNotification({
-                text: "Successfully logged in",
-                type: "success"
-            });
-
-            // redirects either to /login/sso or /signup/sso
-            window.open(nextUrl);
-            window.close();
-        } catch (err) {
-            createNotification({
-                text: "Login unsuccessful. Double-check your credentials and try again.",
-                type: "error"
-            });
-        }
-        
-        // TODO: add callback port support
-        
-        // const callbackPort = queryParams.get("callback_port");
-        // window.open(`/api/v1/ldap/redirect/saml2/${ssoIdentifier}${callbackPort ? `?callback_port=${callbackPort}` : ""}`);
-        // window.close();
-    }
-
-    return (
-        <div className="mx-auto w-full max-w-md md:px-6">
-            <p className="mx-auto mb-6 flex w-max justify-center text-xl font-medium text-transparent bg-clip-text bg-gradient-to-b from-white to-bunker-200 text-center mb-8">
-                What&apos;s your LDAP Login?
-            </p>
-            <form onSubmit={handleSubmission}>
-            <div className="relative flex items-center justify-center lg:w-1/6 w-1/4 min-w-[20rem] md:min-w-[22rem] mx-auto w-full rounded-lg max-h-24 md:max-h-28">
-                <div className="flex items-center justify-center w-full rounded-lg max-h-24 md:max-h-28">
-                <Input
-                    value={organizationId}
-                    onChange={(e) => setOrganizationId(e.target.value)}
-                    type="text"
-                    placeholder="Enter your organization ID..."
-                    isRequired
-                    autoComplete="email"
-                    id="email"
-                    className="h-12"
-                />
-                </div>
-            </div>
-            <div className="mt-2 relative flex items-center justify-center lg:w-1/6 w-1/4 min-w-[20rem] md:min-w-[22rem] mx-auto w-full rounded-lg max-h-24 md:max-h-28">
-                <div className="flex items-center justify-center w-full rounded-lg max-h-24 md:max-h-28">
-                <Input
-                    value={username}
-                    onChange={(e) => setUsername(e.target.value)}
-                    type="text"
-                    placeholder="Enter your LDAP username..."
-                    isRequired
-                    autoComplete="email"
-                    id="email"
-                    className="h-12"
-                />
-                </div>
-            </div>
-            <div className="mt-2 relative flex items-center justify-center lg:w-1/6 w-1/4 min-w-[20rem] md:min-w-[22rem] mx-auto w-full rounded-lg max-h-24 md:max-h-28">
-                <div className="flex items-center justify-center w-full rounded-lg max-h-24 md:max-h-28">
-                <Input
-                    value={password}
-                    onChange={(e) => setPassword(e.target.value)}
-                    type="password"
-                    placeholder="Enter your LDAP password..."
-                    isRequired
-                    autoComplete="current-password"
-                    id="current-password"
-                    className="select:-webkit-autofill:focus h-10"
-                />
-                </div>
-            </div>
-            <div className='lg:w-1/6 w-1/4 w-full mx-auto flex items-center justify-center min-w-[20rem] md:min-w-[22rem] text-center rounded-md mt-4'>
-                <Button
-                    type="submit" 
-                    colorSchema="primary" 
-                    variant="outline_bg"
-                    isFullWidth
-                    className="h-14"
-                > 
-                    {t("login.login")} 
-                </Button>
-            </div>
-            </form>
-            <div className="flex flex-row items-center justify-center mt-4">
-                <button
-                onClick={() => {
-                    setStep(0);
-                }}
-                type="button"
-                className="text-bunker-300 text-sm hover:underline mt-2 hover:underline-offset-4 hover:decoration-primary-700 hover:text-bunker-200 duration-200 cursor-pointer"
-                >
-                {t("login.other-option")}
-                </button>
-            </div>
-        </div>
-    );
-};

frontend/src/views/Login/components/LDAPStep/index.tsx

@@ -1 +0,0 @@
-export { LDAPStep } from "./LDAPStep";

frontend/src/views/Login/components/index.tsx

@@ -1,5 +1,4 @@
 export { InitialStep } from "./InitialStep";
-export { LDAPStep } from "./LDAPStep";
 export { MFAStep } from "./MFAStep";
 export { SAMLSSOStep } from "./SAMLSSOStep";
 

frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersTable.tsx

@@ -181,11 +181,7 @@ export const OrgMembersTable = ({
                 filterdUser?.map(
                   ({ user: u, inviteEmail, role, customRole, _id: orgMembershipId, status }) => {
                     const name = u ? `${u.firstName} ${u.lastName}` : "-";
-                    let email = u?.email || inviteEmail;
-                    if (email.startsWith("ldap-")) {
-                      email = "-";
-                    }
-
+                    const email = u?.email || inviteEmail;
                     return (
                       <Tr key={`org-membership-${orgMembershipId}`} className="w-full">
                         <Td>{name}</Td>

frontend/src/views/Settings/OrgSettingsPage/components/OrgAuthTab/LDAPModal.tsx

@@ -1,228 +0,0 @@
-import { useEffect } from "react";
-import { Controller, useForm } from "react-hook-form"; 
-import { yupResolver } from "@hookform/resolvers/yup";
-import * as yup from "yup";
-
-import { useNotificationContext } from "@app/components/context/Notifications/NotificationProvider";
-import {
-    Button,
-    FormControl,
-    Input,
-    Modal,
-    ModalContent,
-    TextArea
-} from "@app/components/v2";
-import { useOrganization } from "@app/context";
-import {
-    useCreateLDAPConfig,
-    useGetLDAPConfig,
-    useUpdateLDAPConfig
-} from "@app/hooks/api";
-import { UsePopUpState } from "@app/hooks/usePopUp";
-
-const schema = yup.object({
-    url: yup.string().required("URL is required"),
-    bindDN: yup.string().required("Bind DN is required"),
-    bindPass: yup.string().required("Bind Pass is required"),
-    searchBase: yup.string().required("Search Base is required"),
-    caCert: yup.string()
-}).required();
-
-export type AddLDAPFormData = yup.InferType<typeof schema>;
-
-type Props = {
-  popUp: UsePopUpState<["addLDAP"]>;
-  handlePopUpClose: (popUpName: keyof UsePopUpState<["addLDAP"]>) => void;
-  handlePopUpToggle: (popUpName: keyof UsePopUpState<["addLDAP"]>, state?: boolean) => void;
-};
-
-export const LDAPModal = ({
-    popUp,
-    handlePopUpClose,
-    handlePopUpToggle
-}: Props) => {
-    const { currentOrg } = useOrganization();
-    const { createNotification } = useNotificationContext();
-    const { mutateAsync: createMutateAsync, isLoading: createIsLoading } = useCreateLDAPConfig();
-    const { mutateAsync: updateMutateAsync, isLoading: updateIsLoading } = useUpdateLDAPConfig();
-    const { data } = useGetLDAPConfig(currentOrg?._id ?? "");
-    
-    const {
-        control,
-        handleSubmit,
-        reset,
-    } = useForm<AddLDAPFormData>({
-        resolver: yupResolver(schema)
-    });
-    
-    useEffect(() => {
-        if (data) {
-            reset({
-                url: data?.url ?? "",
-                bindDN: data?.bindDN ?? "",
-                bindPass: data?.bindPass ?? "",
-                searchBase: data?.searchBase ?? "",
-                caCert: data?.caCert ?? ""
-            });
-        }
-    }, [data]);
-    
-    const onSSOModalSubmit = async ({
-        url,
-        bindDN,
-        bindPass,
-        searchBase,
-        caCert
-    }: AddLDAPFormData) => {
-        try {
-            if (!currentOrg) return;
-            
-            if (!data) {
-                await createMutateAsync({
-                    organizationId: currentOrg._id,
-                    isActive: false,
-                    url,
-                    bindDN,
-                    bindPass,
-                    searchBase,
-                    caCert
-                });
-            } else {
-                await updateMutateAsync({
-                    organizationId: currentOrg._id,
-                    isActive: false,
-                    url,
-                    bindDN,
-                    bindPass,
-                    searchBase,
-                    caCert
-                });
-            }
-
-            handlePopUpClose("addLDAP");
-
-            createNotification({
-                text: `Successfully ${!data ? "added" : "updated"} LDAP configuration`,
-                type: "success"
-            });
-        } catch (err) {
-            console.error(err);
-            createNotification({
-                text: `Failed to ${!data ? "add" : "update"} LDAP configuration`,
-                type: "error"
-            });
-        }
-    }
-
-    return (
-        <Modal
-            isOpen={popUp?.addLDAP?.isOpen}
-                onOpenChange={(isOpen) => {
-                handlePopUpToggle("addLDAP", isOpen);
-                reset();
-            }}
-        >
-            <ModalContent title="Add LDAP">
-                <form onSubmit={handleSubmit(onSSOModalSubmit)}>
-                    <Controller
-                            control={control}
-                            name="url"
-                            render={({ field, fieldState: { error } }) => (
-                                <FormControl
-                                    label="URL"
-                                    errorText={error?.message}
-                                    isError={Boolean(error)}
-                                >
-                                    <Input 
-                                        {...field} 
-                                        placeholder="ldaps://ldap.myorg.com:636"
-                                    />
-                                </FormControl>
-                            )}
-                        />
-                        <Controller
-                            control={control}
-                            name="bindDN"
-                            render={({ field, fieldState: { error } }) => (
-                                <FormControl
-                                    label="Bind DN"
-                                    errorText={error?.message}
-                                    isError={Boolean(error)}
-                                >
-                                    <Input 
-                                        {...field} 
-                                        placeholder="cn=infisical,ou=Users,dc=example,dc=com"
-                                    />
-                                </FormControl>
-                            )}
-                        />
-                        <Controller
-                            control={control}
-                            name="bindPass"
-                            render={({ field, fieldState: { error } }) => (
-                                <FormControl
-                                    label="Bind Pass"
-                                    errorText={error?.message}
-                                    isError={Boolean(error)}
-                                >
-                                    <Input 
-                                        {...field} 
-                                        placeholder="********"
-                                    />
-                                </FormControl>
-                            )}
-                        />
-                        <Controller
-                            control={control}
-                            name="searchBase"
-                            render={({ field, fieldState: { error } }) => (
-                                <FormControl
-                                    label="Search Base / User DN"
-                                    errorText={error?.message}
-                                    isError={Boolean(error)}
-                                >
-                                    <Input 
-                                        {...field} 
-                                        placeholder="ou=people,dc=acme,dc=com"
-                                    />
-                                </FormControl>
-                            )}
-                        />
-                        <Controller
-                            control={control}
-                            name="caCert"
-                            render={({ field, fieldState: { error } }) => (
-                                <FormControl
-                                    label="CA Certificate"
-                                    errorText={error?.message}
-                                    isError={Boolean(error)}
-                                >
-                                    <TextArea 
-                                        {...field} 
-                                        placeholder="-----BEGIN CERTIFICATE----- ..."
-                                    />
-                                </FormControl>
-                            )}
-                        />
-                    <div className="mt-8 flex items-center">
-                        <Button
-                            className="mr-4"
-                            size="sm"
-                            type="submit"
-                            isLoading={createIsLoading || updateIsLoading}
-                        >
-                            {!data ? "Add" : "Update"}
-                        </Button>
-                        <Button 
-                            colorSchema="secondary" 
-                            variant="plain"
-                            onClick={() => handlePopUpClose("addLDAP")}
-                        >
-                            Cancel
-                        </Button>
-                    </div>
-                </form>
-            </ModalContent>
-        </Modal>
-    );
-}

frontend/src/views/Settings/OrgSettingsPage/components/OrgAuthTab/OrgAuthTab.tsx

@@ -1,7 +1,6 @@
 import { OrgPermissionActions, OrgPermissionSubjects } from "@app/context";
 import { withPermission } from "@app/hoc";
 
-import { OrgLDAPSection } from "./OrgLDAPSection";
 import { OrgSSOSection } from "./OrgSSOSection";
 
 export const OrgAuthTab = withPermission(
@@ -9,7 +8,6 @@ export const OrgAuthTab = withPermission(
     return (
       <div>
         <OrgSSOSection />
-        <OrgLDAPSection />
       </div>
     );
   },

frontend/src/views/Settings/OrgSettingsPage/components/OrgAuthTab/OrgLDAPSection.tsx

@@ -1,136 +0,0 @@
-import { faPlus } from "@fortawesome/free-solid-svg-icons";
-import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
-
-import { useNotificationContext } from "@app/components/context/Notifications/NotificationProvider";
-import { OrgPermissionCan } from "@app/components/permissions";
-import { Button, Switch } from "@app/components/v2";
-import {
-  OrgPermissionActions,
-  OrgPermissionSubjects,
-  useOrganization,
-} from "@app/context";
-import { 
-    useCreateLDAPConfig,
-    useGetLDAPConfig,
-    useUpdateLDAPConfig} from "@app/hooks/api";
-import { usePopUp } from "@app/hooks/usePopUp";
-
-import { LDAPModal } from "./LDAPModal";
-
-export const OrgLDAPSection = (): JSX.Element => {
-  const { currentOrg } = useOrganization();
-  const { createNotification } = useNotificationContext();
-  const { data, isLoading } = useGetLDAPConfig(currentOrg?._id ?? "");
-  const { mutateAsync } = useUpdateLDAPConfig();
-  const { popUp, handlePopUpOpen, handlePopUpClose, handlePopUpToggle } = usePopUp([
-    "addLDAP"
-  ] as const);
-  
-  const { mutateAsync: createMutateAsync } = useCreateLDAPConfig();
-
-  const handleSamlSSOToggle = async (value: boolean) => {
-    try {
-      if (!currentOrg?._id) return;
-
-      await mutateAsync({
-        organizationId: currentOrg?._id,
-        isActive: value
-      });
-
-      createNotification({
-        text: `Successfully ${value ? "enabled" : "disabled"} LDAP`,
-        type: "success"
-      });
-    } catch (err) {
-      console.error(err);
-      createNotification({
-        text: `Failed to ${value ? "enable" : "disable"} LDAP`,
-        type: "error"
-      });
-    }
-  };
-
-  const addLDAPBtnClick = async () => {
-    try {
-      if (currentOrg) {
-        if (!data) {
-          // case: LDAP is not configured
-          // -> initialize empty LDAP configuration
-          await createMutateAsync({
-            organizationId: currentOrg._id,
-            isActive: false,
-            url: "",
-            bindDN: "",
-            bindPass: "",
-            searchBase: "",
-          });
-        }
-
-        handlePopUpOpen("addLDAP");
-      }
-    } catch (err) {
-      console.error(err);
-    }
-  };
-
-  return (
-    <div className="p-4 bg-mineshaft-900 mb-6 rounded-lg border border-mineshaft-600">
-      <div className="flex items-center mb-8">
-        <h2 className="text-xl font-semibold flex-1 text-white">LDAP Configuration</h2>
-        {!isLoading && (
-          <OrgPermissionCan I={OrgPermissionActions.Create} a={OrgPermissionSubjects.Sso}>
-            {(isAllowed) => (
-              <Button
-                onClick={addLDAPBtnClick}
-                colorSchema="secondary"
-                isDisabled={!isAllowed}
-                leftIcon={<FontAwesomeIcon icon={faPlus} />}
-              >
-                {data ? "Update LDAP" : "Set up LDAP"}
-              </Button>
-            )}
-          </OrgPermissionCan>
-        )}
-      </div>
-      {data && (
-        <div className="mb-4">
-          <OrgPermissionCan I={OrgPermissionActions.Edit} a={OrgPermissionSubjects.Sso}>
-            {(isAllowed) => (
-              <Switch
-                id="enable-saml-sso"
-                onCheckedChange={(value) => handleSamlSSOToggle(value)}
-                isChecked={data ? data.isActive : false}
-                isDisabled={!isAllowed}
-              >
-                Enable LDAP
-              </Switch>
-            )}
-          </OrgPermissionCan>
-        </div>
-      )}
-      <div className="mb-4">
-        <h3 className="text-mineshaft-400 text-sm">URL</h3>
-        <p className="text-gray-400 text-md">{data && data.url !== "" ? data.url : "-"}</p>
-      </div>
-      <div className="mb-4">
-        <h3 className="text-mineshaft-400 text-sm">Bind DN</h3>
-        <p className="text-gray-400 text-md">{data && data.bindDN !== "" ? data.bindDN : "-"}</p>
-      </div>
-      <div className="mb-4">
-        <h3 className="text-mineshaft-400 text-sm">Bind Pass</h3>
-        <p className="text-gray-400 text-md">
-          {data && data.bindPass !== "" ? "*".repeat(data.bindPass.length) : "-"}
-        </p>
-      </div>
-      <div className="mb-4">
-        <h3 className="text-mineshaft-400 text-sm">Search Base / User DN</h3>
-        <p className="text-gray-400 text-md">{data && data.searchBase !== "" ? data.searchBase : "-"}</p>
-      </div>
-      <LDAPModal
-        popUp={popUp}
-        handlePopUpClose={handlePopUpClose}
-        handlePopUpToggle={handlePopUpToggle}
-      />
-    </div>
-  );
-};