bitwarden · JaredScar · Apr 21, 2026 · Apr 21, 2026 · Apr 23, 2026 · Apr 24, 2026
@@ -0,0 +1,60 @@
+using Bit.Api.AdminConsole.Authorization;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+
+namespace Bit.Api.AdminConsole.Attributes;
+
+/// <summary>
+/// Binds an <see cref="Organization"/> parameter by loading it from the database
+/// using the <c>orgId</c> or <c>organizationId</c> route parameter.
+/// </summary>
+/// <remarks>
+/// If the organization is not found, a <see cref="NotFoundException"/> is thrown.
+/// </remarks>
+/// <example>
+/// <code><![CDATA[
+/// [HttpPost("bulk-auto-confirm")]
+/// public async Task<IResult> BulkAutomaticallyConfirmOrganizationUsersAsync(
+///     [BindOrganization] Organization organization,
+///     [FromBody] OrganizationUserBulkConfirmRequestModel model)
+/// ]]></code>
+/// </example>
+[AttributeUsage(AttributeTargets.Parameter)]
+public sealed class BindOrganizationAttribute() : ModelBinderAttribute(typeof(OrganizationModelBinder));
+
+/// <summary>
+/// Custom model binder that loads an <see cref="Organization"/> from the database
+/// using the <c>orgId</c> or <c>organizationId</c> route parameter and binds it to the parameter.
+/// </summary>
+/// <remarks>
+/// This binder is used via the <see cref="BindOrganizationAttribute"/>.
+/// </remarks>
+public class OrganizationModelBinder : IModelBinder
+{
+    public async Task BindModelAsync(ModelBindingContext bindingContext)
+    {
+        Guid orgId;
+        try
+        {
+            orgId = bindingContext.HttpContext.GetOrganizationId();
+        }
+        catch (InvalidOperationException)
+        {
+            throw new BadRequestException("Route parameter 'orgId' or 'organizationId' is missing or invalid.");
+        }
+
+        var repo = bindingContext.HttpContext.RequestServices
+            .GetRequiredService<IOrganizationRepository>();
+
+        var organization = await repo.GetByIdAsync(orgId);
+        if (organization is null)
+        {
+            throw new NotFoundException();
+        }
+
+        bindingContext.Result = ModelBindingResult.Success(organization);
+    }
+}
@@ -10,6 +10,7 @@
 using Bit.Api.AdminConsole.Models.Response.Organizations;
 using Bit.Api.Models.Response;
 using Bit.Core;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Models.Data;
 using Bit.Core.AdminConsole.OrganizationFeatures.AccountRecovery;
 using Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
@@ -72,11 +73,13 @@ public class OrganizationUsersController : BaseAdminConsoleController
     private readonly IDeleteClaimedOrganizationUserAccountCommand _deleteClaimedOrganizationUserAccountCommand;
     private readonly IGetOrganizationUsersClaimedStatusQuery _getOrganizationUsersClaimedStatusQuery;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
+    private readonly IGetPendingAutoConfirmUsersQuery _getPendingAutoConfirmUsersQuery;
     private readonly IFeatureService _featureService;
     private readonly IPricingClient _pricingClient;
     private readonly IResendOrganizationInviteCommand _resendOrganizationInviteCommand;
     private readonly IBulkResendOrganizationInvitesCommand _bulkResendOrganizationInvitesCommand;
     private readonly IAutomaticallyConfirmOrganizationUserCommand _automaticallyConfirmOrganizationUserCommand;
+    private readonly IBulkAutomaticallyConfirmOrganizationUsersCommand _bulkAutomaticallyConfirmOrganizationUsersCommand;
     private readonly V2_RevokeOrganizationUserCommand.IRevokeOrganizationUserCommand _revokeOrganizationUserCommandVNext;
     private readonly IConfirmOrganizationUserCommand _confirmOrganizationUserCommand;
     private readonly IRestoreOrganizationUserCommand _restoreOrganizationUserCommand;
@@ -117,9 +120,11 @@ public OrganizationUsersController(IOrganizationRepository organizationRepositor
         IAdminRecoverAccountCommand adminRecoverAccountCommand,
         AccountRecoveryV2.IAdminRecoverAccountCommand adminRecoverAccountCommandV2,
         IAutomaticallyConfirmOrganizationUserCommand automaticallyConfirmOrganizationUserCommand,
+        IBulkAutomaticallyConfirmOrganizationUsersCommand bulkAutomaticallyConfirmOrganizationUsersCommand,
         V2_RevokeOrganizationUserCommand.IRevokeOrganizationUserCommand revokeOrganizationUserCommandVNext,
         ISelfRevokeOrganizationUserCommand selfRevokeOrganizationUserCommand,
-        IUpdateUserResetPasswordEnrollmentCommand updateUserResetPasswordEnrollmentCommand)
+        IUpdateUserResetPasswordEnrollmentCommand updateUserResetPasswordEnrollmentCommand,
+        IGetPendingAutoConfirmUsersQuery getPendingAutoConfirmUsersQuery)
     {
         _organizationRepository = organizationRepository;
         _organizationUserRepository = organizationUserRepository;
@@ -140,11 +145,13 @@ public OrganizationUsersController(IOrganizationRepository organizationRepositor
         _deleteClaimedOrganizationUserAccountCommand = deleteClaimedOrganizationUserAccountCommand;
         _getOrganizationUsersClaimedStatusQuery = getOrganizationUsersClaimedStatusQuery;
         _policyRequirementQuery = policyRequirementQuery;
+        _getPendingAutoConfirmUsersQuery = getPendingAutoConfirmUsersQuery;
         _featureService = featureService;
         _pricingClient = pricingClient;
         _resendOrganizationInviteCommand = resendOrganizationInviteCommand;
         _bulkResendOrganizationInvitesCommand = bulkResendOrganizationInvitesCommand;
         _automaticallyConfirmOrganizationUserCommand = automaticallyConfirmOrganizationUserCommand;
+        _bulkAutomaticallyConfirmOrganizationUsersCommand = bulkAutomaticallyConfirmOrganizationUsersCommand;
         _revokeOrganizationUserCommandVNext = revokeOrganizationUserCommandVNext;
         _confirmOrganizationUserCommand = confirmOrganizationUserCommand;
         _restoreOrganizationUserCommand = restoreOrganizationUserCommand;
@@ -229,10 +236,11 @@ private ListResponseModel<OrganizationUserUserDetailsResponseModel> GetResultLis
 
     [HttpGet("{id}/reset-password-details")]
     [Authorize<ManageAccountRecoveryRequirement>]
-    public async Task<OrganizationUserResetPasswordDetailsResponseModel> GetResetPasswordDetails(Guid orgId, Guid id)
+    public async Task<OrganizationUserResetPasswordDetailsResponseModel> GetResetPasswordDetails(Guid id,
+        [BindOrganization] Organization organization)
     {
         var organizationUser = await _organizationUserRepository.GetByIdAsync(id);
-        if (organizationUser is null || organizationUser.OrganizationId != orgId || organizationUser.UserId is null)
+        if (organizationUser is null || organizationUser.OrganizationId != organization.Id || organizationUser.UserId is null)
         {
             throw new NotFoundException();
         }
@@ -245,14 +253,7 @@ public async Task<OrganizationUserResetPasswordDetailsResponseModel> GetResetPas
             throw new NotFoundException();
         }
 
-        // Retrieve Encrypted Private Key from organization
-        var org = await _organizationRepository.GetByIdAsync(orgId);
-        if (org == null)
-        {
-            throw new NotFoundException();
-        }
-
-        return new OrganizationUserResetPasswordDetailsResponseModel(new OrganizationUserResetPasswordDetails(organizationUser, user, org));
+        return new OrganizationUserResetPasswordDetailsResponseModel(new OrganizationUserResetPasswordDetails(organizationUser, user, organization));
     }
 
     [HttpPost("account-recovery-details")]
@@ -797,7 +798,6 @@ public async Task<IResult> AutomaticallyConfirmOrganizationUserAsync([FromRoute]
         {
             return TypedResults.Unauthorized();
         }
-
         return Handle(await _automaticallyConfirmOrganizationUserCommand.AutomaticallyConfirmOrganizationUserAsync(
             new AutomaticallyConfirmOrganizationUserRequest
             {
@@ -809,6 +809,45 @@ public async Task<IResult> AutomaticallyConfirmOrganizationUserAsync([FromRoute]
             }));
     }
 
+    [HttpGet("pending-auto-confirm")]
+    [Authorize<ManageUsersRequirement>]
+    [RequireFeature(FeatureFlagKeys.BulkAutoConfirmOnLogin)]
+    public async Task<ListResponseModel<OrganizationUserPendingAutoConfirmResponseModel>> GetPendingAutoConfirmUsersAsync(Guid orgId)
+    {
+        var pendingUsers = await _getPendingAutoConfirmUsersQuery.GetPendingAutoConfirmUsersAsync(orgId);
+        return new ListResponseModel<OrganizationUserPendingAutoConfirmResponseModel>(
+            pendingUsers.Select(u => new OrganizationUserPendingAutoConfirmResponseModel(u)));
+    }
+
+    [HttpPost("bulk-auto-confirm")]
+    [Authorize<ManageUsersRequirement>]
+    [RequireFeature(FeatureFlagKeys.BulkAutoConfirmOnLogin)]
+    public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkAutomaticallyConfirmOrganizationUsersAsync(
+        [BindOrganization] Organization organization,
+        [FromBody] OrganizationUserBulkConfirmRequestModel model)
+    {
+        var request = new BulkAutomaticallyConfirmOrganizationUsersRequest
+        {
+            Organization = organization,
+            DefaultUserCollectionName = model.DefaultUserCollectionName,
+            UsersToConfirm = model.Keys
+                .Select(entry => new BulkAutoConfirmUserEntry
+                {
+                    OrganizationUserId = entry.Id,
+                    Key = entry.Key,
+                })
+                .ToList(),
+        };
+
+        var results = await _bulkAutomaticallyConfirmOrganizationUsersCommand.RunAsync(request);
+
+        return new ListResponseModel<OrganizationUserBulkResponseModel>(results
+            .Select(r => new OrganizationUserBulkResponseModel(r.Id,
+                r.Result.Match(
+                    error => error.Message,
+                    _ => string.Empty))));
+    }
+
     private async Task RestoreOrRevokeUserAsync(
         Guid orgId,
         Guid id,

@@ -0,0 +1,21 @@
+using Bit.Core.Entities;
+using Bit.Core.Models.Api;
+
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;
+
+public class OrganizationUserPendingAutoConfirmResponseModel : ResponseModel
+{
+    public OrganizationUserPendingAutoConfirmResponseModel(OrganizationUser organizationUser)
+        : base("OrganizationUserPendingAutoConfirmResponseModel")
+    {
+        Id = organizationUser.Id;
+        UserId = organizationUser.UserId
+            ?? throw new InvalidOperationException($"OrganizationUser {organizationUser.Id} has no associated UserId.");
+    }
+
+    /// <summary>The OrganizationUser ID.</summary>
+    public Guid Id { get; set; }
+
+    /// <summary>The User ID.</summary>
+    public Guid UserId { get; set; }
+}
@@ -254,3 +254,4 @@ public OrganizationUserBulkResponseModel(Guid id, string error)
     public Guid Id { get; set; }
     public string Error { get; set; }
 }
+
@@ -164,11 +164,11 @@ private async Task<AutomaticallyConfirmOrganizationUserValidationRequest> Retrie
     {
         return new AutomaticallyConfirmOrganizationUserValidationRequest
         {
-            OrganizationUserId = request.OrganizationUserId,
-            OrganizationId = request.OrganizationId,
             Key = request.Key,
             DefaultUserCollectionName = request.DefaultUserCollectionName,
             PerformedBy = request.PerformedBy,
+            OrganizationUserId = request.OrganizationUserId,
+            OrganizationId = request.OrganizationId,
             OrganizationUser = await organizationUserRepository.GetByIdAsync(request.OrganizationUserId),
             Organization = await organizationRepository.GetByIdAsync(request.OrganizationId)
         };

@@ -5,7 +5,7 @@
 namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.AutoConfirmUser;
 
 /// <summary>
-/// Automatically Confirm User Command Request
+/// Automatically Confirm User Command Request (single-user).
 /// </summary>
 public record AutomaticallyConfirmOrganizationUserRequest
 {
@@ -17,13 +17,40 @@ public record AutomaticallyConfirmOrganizationUserRequest
 }
 
 /// <summary>
-/// Automatically Confirm User Validation Request
+/// Hydrated request passed to the validator. Carries the retrieved <see cref="OrganizationUser"/> and
+/// <see cref="Organization"/> objects directly. <see cref="OrganizationUserId"/> and
+/// <see cref="OrganizationId"/> mirror the IDs from those objects (set explicitly to support
+/// test scenarios where the hydrated objects may be null).
 /// </summary>
-/// <remarks>
-/// This is used to hold retrieved data and pass it to the validator
-/// </remarks>
-public record AutomaticallyConfirmOrganizationUserValidationRequest : AutomaticallyConfirmOrganizationUserRequest
+public record AutomaticallyConfirmOrganizationUserValidationRequest
 {
-    public OrganizationUser? OrganizationUser { get; set; }
-    public Organization? Organization { get; set; }
+    public required string Key { get; init; }
+    public required string DefaultUserCollectionName { get; init; }
+    public OrganizationUser? OrganizationUser { get; init; }
+    public Organization? Organization { get; init; }
+    public IActingUser? PerformedBy { get; init; }
+    public Guid OrganizationUserId { get; init; }
+    public Guid OrganizationId { get; init; }
+}
+
+/// <summary>
+/// Per-user entry for a bulk auto-confirm operation, containing only the user-specific fields.
+/// </summary>
+public record BulkAutoConfirmUserEntry
+{
+    public required Guid OrganizationUserId { get; init; }
+    public required string Key { get; init; }
+}
+
+/// <summary>
+/// Top-level request for bulk automatic user confirmation.
+/// Shared fields (organization, collection name) are specified once rather than
+/// repeated on every per-user entry.
+/// </summary>
+public record BulkAutomaticallyConfirmOrganizationUsersRequest
+{
+    public required Organization Organization { get; init; }
+    public Guid OrganizationId => Organization.Id;
+    public required string DefaultUserCollectionName { get; init; }
+    public required IReadOnlyList<BulkAutoConfirmUserEntry> UsersToConfirm { get; init; }
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -254,3 +254,4 @@ public OrganizationUserBulkResponseModel(Guid id, string error)
		public Guid Id { get; set; }
		public string Error { get; set; }
		}