bitwarden · JaredScar · Apr 9, 2026 · Apr 6, 2026 · Apr 6, 2026 · Apr 7, 2026
@@ -160,13 +160,10 @@
                     <input type="checkbox" class="form-check-input" asp-for="UsePhishingBlocker" disabled='@(canEditPlan ? null : "disabled")'>
                     <label class="form-check-label" asp-for="UsePhishingBlocker"></label>
                 </div>
-                @if(FeatureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-                {
-                    <div class="form-check">
-                        <input type="checkbox" class="form-check-input" asp-for="UseAutomaticUserConfirmation" disabled='@(canEditPlan ? null : "disabled")'>
-                        <label class="form-check-label" asp-for="UseAutomaticUserConfirmation"></label>
-                    </div>
-                }
+                <div class="form-check">
+                    <input type="checkbox" class="form-check-input" asp-for="UseAutomaticUserConfirmation" disabled='@(canEditPlan ? null : "disabled")'>
+                    <label class="form-check-label" asp-for="UseAutomaticUserConfirmation"></label>
+                </div>
             </div>
             <div class="col-3">
                 <h3>Password Manager</h3>

@@ -807,7 +807,6 @@ public async Task PatchBulkEnableSecretsManagerAsync(Guid orgId,
 
     [HttpPost("{id}/auto-confirm")]
     [Authorize<ManageUsersRequirement>]
-    [RequireFeature(FeatureFlagKeys.AutomaticConfirmUsers)]
     public async Task<IResult> AutomaticallyConfirmOrganizationUserAsync([FromRoute] Guid orgId,
         [FromRoute] Guid id,
         [FromBody] OrganizationUserConfirmRequestModel model)

@@ -28,7 +28,6 @@ public class AcceptOrgUserCommand : IAcceptOrgUserCommand
     private readonly IUserRepository _userRepository;
     private readonly ITwoFactorIsEnabledQuery _twoFactorIsEnabledQuery;
     private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
-    private readonly IFeatureService _featureService;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
     private readonly IAutomaticUserConfirmationPolicyEnforcementValidator _automaticUserConfirmationPolicyEnforcementValidator;
     private readonly IPushAutoConfirmNotificationCommand _pushAutoConfirmNotificationCommand;
@@ -41,7 +40,6 @@ public AcceptOrgUserCommand(
         IUserRepository userRepository,
         ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
         IDataProtectorTokenFactory<OrgUserInviteTokenable> orgUserInviteTokenDataFactory,
-        IFeatureService featureService,
         IPolicyRequirementQuery policyRequirementQuery,
         IAutomaticUserConfirmationPolicyEnforcementValidator automaticUserConfirmationPolicyEnforcementValidator,
         IPushAutoConfirmNotificationCommand pushAutoConfirmNotificationCommand,
@@ -53,7 +51,6 @@ public AcceptOrgUserCommand(
         _userRepository = userRepository;
         _twoFactorIsEnabledQuery = twoFactorIsEnabledQuery;
         _orgUserInviteTokenDataFactory = orgUserInviteTokenDataFactory;
-        _featureService = featureService;
         _policyRequirementQuery = policyRequirementQuery;
         _automaticUserConfirmationPolicyEnforcementValidator = automaticUserConfirmationPolicyEnforcementValidator;
         _pushAutoConfirmNotificationCommand = pushAutoConfirmNotificationCommand;
@@ -169,10 +166,7 @@ public async Task<OrganizationUser> AcceptOrgUserAsync(OrganizationUser orgUser,
 
         var allOrgUsers = await _organizationUserRepository.GetManyByUserAsync(user.Id);
 
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            await HandleAutomaticUserConfirmationPolicyAsync(orgUser, allOrgUsers, user);
-        }
+        await HandleAutomaticUserConfirmationPolicyAsync(orgUser, allOrgUsers, user);
 
         await ValidateSingleOrganizationPolicyAsync(orgUser, allOrgUsers, user);
 
@@ -194,10 +188,7 @@ public async Task<OrganizationUser> AcceptOrgUserAsync(OrganizationUser orgUser,
             await _mailService.SendOrganizationAcceptedEmailAsync(organization, user.Email, adminEmails);
         }
 
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            await _pushAutoConfirmNotificationCommand.PushAsync(user.Id, orgUser.OrganizationId);
-        }
+        await _pushAutoConfirmNotificationCommand.PushAsync(user.Id, orgUser.OrganizationId);
 
         return orgUser;
     }

@@ -31,7 +31,6 @@ public class ConfirmOrganizationUserCommand : IConfirmOrganizationUserCommand
     private readonly IPushRegistrationService _pushRegistrationService;
     private readonly IDeviceRepository _deviceRepository;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
-    private readonly IFeatureService _featureService;
     private readonly ICollectionRepository _collectionRepository;
     private readonly IAutomaticUserConfirmationPolicyEnforcementValidator _automaticUserConfirmationPolicyEnforcementValidator;
     private readonly ISendOrganizationConfirmationCommand _sendOrganizationConfirmationCommand;
@@ -47,7 +46,6 @@ public ConfirmOrganizationUserCommand(
         IPushRegistrationService pushRegistrationService,
         IDeviceRepository deviceRepository,
         IPolicyRequirementQuery policyRequirementQuery,
-        IFeatureService featureService,
         ICollectionRepository collectionRepository,
         IAutomaticUserConfirmationPolicyEnforcementValidator automaticUserConfirmationPolicyEnforcementValidator,
         ISendOrganizationConfirmationCommand sendOrganizationConfirmationCommand,
@@ -62,7 +60,6 @@ public ConfirmOrganizationUserCommand(
         _pushRegistrationService = pushRegistrationService;
         _deviceRepository = deviceRepository;
         _policyRequirementQuery = policyRequirementQuery;
-        _featureService = featureService;
         _collectionRepository = collectionRepository;
         _automaticUserConfirmationPolicyEnforcementValidator = automaticUserConfirmationPolicyEnforcementValidator;
         _sendOrganizationConfirmationCommand = sendOrganizationConfirmationCommand;
@@ -188,31 +185,28 @@ private async Task CheckPoliciesAsync(Guid organizationId, User user,
         // Enforce Two Factor Authentication Policy for this organization
         await ValidateTwoFactorAuthenticationPolicyAsync(user, organizationId, userTwoFactorEnabled);
 
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
+        var policyRequirement = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(
+            user.Id);
+
+        var error = (await _automaticUserConfirmationPolicyEnforcementValidator.IsCompliantAsync(
+                new AutomaticUserConfirmationPolicyEnforcementRequest(
+                    organizationId,
+                    orgUsers,
+                    user),
+                policyRequirement))
+            .Match(
+                error => new BadRequestException(error.Message),
+                _ => null
+            );
+
+        if (error is not null)
         {
-            var policyRequirement = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(
-                user.Id);
-
-            var error = (await _automaticUserConfirmationPolicyEnforcementValidator.IsCompliantAsync(
-                    new AutomaticUserConfirmationPolicyEnforcementRequest(
-                        organizationId,
-                        orgUsers,
-                        user),
-                    policyRequirement))
-                .Match(
-                    error => new BadRequestException(error.Message),
-                    _ => null
-                );
-
-            if (error is not null)
-            {
-                throw error;
-            }
+            throw error;
+        }
 
-            if (policyRequirement.IsEnabled(organizationId))
-            {
-                await _deleteEmergencyAccessCommand.DeleteAllByUserIdAsync(user.Id);
-            }
+        if (policyRequirement.IsEnabled(organizationId))
+        {
+            await _deleteEmergencyAccessCommand.DeleteAllByUserIdAsync(user.Id);
         }
 
         var singleOrgRequirement = await _policyRequirementQuery.GetAsync<SingleOrganizationPolicyRequirement>(user.Id);

@@ -28,7 +28,6 @@ public class RestoreOrganizationUserCommand(
     ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
     IUserRepository userRepository,
     IOrganizationService organizationService,
-    IFeatureService featureService,
     IPolicyRequirementQuery policyRequirementQuery,
     ICollectionRepository collectionRepository,
     IAutomaticUserConfirmationPolicyEnforcementValidator automaticUserConfirmationPolicyEnforcementValidator,
@@ -341,30 +340,27 @@ private async Task CheckPoliciesBeforeRestoreAsync(OrganizationUser orgUser, boo
             throw new BadRequestException(user.Email + " is not compliant with the two-step login policy");
         }
 
-        if (featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            var policyRequirement = await policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(
-                user.Id);
+        var policyRequirement = await policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(
+            user.Id);
 
-            var validationResult = await automaticUserConfirmationPolicyEnforcementValidator.IsCompliantAsync(
-                new AutomaticUserConfirmationPolicyEnforcementRequest(orgUser.OrganizationId, allOrgUsers, user!),
-                policyRequirement);
+        var validationResult = await automaticUserConfirmationPolicyEnforcementValidator.IsCompliantAsync(
+            new AutomaticUserConfirmationPolicyEnforcementRequest(orgUser.OrganizationId, allOrgUsers, user!),
+            policyRequirement);
 
-            var badRequestException = validationResult.Match(
-                error => new BadRequestException(user.Email +
-                                                 " is not compliant with the automatic user confirmation policy: " +
-                                                 error.Message),
-                _ => null);
+        var badRequestException = validationResult.Match(
+            error => new BadRequestException(user.Email +
+                                             " is not compliant with the automatic user confirmation policy: " +
+                                             error.Message),
+            _ => null);
 
-            if (badRequestException is not null)
-            {
-                throw badRequestException;
-            }
+        if (badRequestException is not null)
+        {
+            throw badRequestException;
+        }
 
-            if (policyRequirement.IsEnabled(orgUser.OrganizationId))
-            {
-                await deleteEmergencyAccessCommand.DeleteAllByUserIdAsync(user.Id);
-            }
+        if (policyRequirement.IsEnabled(orgUser.OrganizationId))
+        {
+            await deleteEmergencyAccessCommand.DeleteAllByUserIdAsync(user.Id);
         }
     }
 

@@ -43,8 +43,7 @@ public class CloudOrganizationSignUpCommand(
     ICollectionRepository collectionRepository,
     IDeviceRepository deviceRepository,
     IPricingClient pricingClient,
-    IPolicyRequirementQuery policyRequirementQuery,
-    IFeatureService featureService) : ICloudOrganizationSignUpCommand
+    IPolicyRequirementQuery policyRequirementQuery) : ICloudOrganizationSignUpCommand
 {
     public async Task<SignUpOrganizationResponse> SignUpOrganizationAsync(OrganizationSignup signup)
     {
@@ -239,15 +238,12 @@ private static void ValidatePlan(Plan plan, int additionalSeats, string productT
 
     private async Task ValidateSignUpPoliciesAsync(Guid ownerId)
     {
-        if (featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            var requirement = await policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerId);
+        var requirement = await policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerId);
 
-            if (requirement.CannotCreateNewOrganization())
-            {
-                throw new BadRequestException("You may not create an organization. You belong to an organization " +
-                                              "which has a policy that prohibits you from being a member of any other organization.");
-            }
+        if (requirement.CannotCreateNewOrganization())
+        {
+            throw new BadRequestException("You may not create an organization. You belong to an organization " +
+                                          "which has a policy that prohibits you from being a member of any other organization.");
         }
 
         var singleOrgRequirement = await policyRequirementQuery.GetAsync<SingleOrganizationPolicyRequirement>(ownerId);

@@ -11,7 +11,6 @@
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
 using Bit.Core.Tokens;
 using static Bit.Core.AdminConsole.Utilities.v2.Validation.ValidationResultHelpers;
 using Error = Bit.Core.AdminConsole.Utilities.v2.Error;
@@ -30,22 +29,19 @@ Task<ValidationResult<InitPendingOrganizationValidationRequest>> ValidateAsync(
 public class InitPendingOrganizationValidator : IInitPendingOrganizationValidator
 {
     private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
-    private readonly IFeatureService _featureService;
     private readonly IPolicyService _policyService;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
     private readonly ITwoFactorIsEnabledQuery _twoFactorIsEnabledQuery;
     private readonly IOrganizationUserRepository _organizationUserRepository;
 
     public InitPendingOrganizationValidator(
         IDataProtectorTokenFactory<OrgUserInviteTokenable> orgUserInviteTokenDataFactory,
-        IFeatureService featureService,
         IPolicyService policyService,
         IPolicyRequirementQuery policyRequirementQuery,
         ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
         IOrganizationUserRepository organizationUserRepository)
     {
         _orgUserInviteTokenDataFactory = orgUserInviteTokenDataFactory;
-        _featureService = featureService;
         _policyService = policyService;
         _policyRequirementQuery = policyRequirementQuery;
         _twoFactorIsEnabledQuery = twoFactorIsEnabledQuery;
@@ -143,13 +139,10 @@ private bool ValidateInviteToken(OrganizationUser orgUser, User user, string ema
 
     private async Task<Error?> ValidatePoliciesAsync(User user, Guid organizationId)
     {
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
+        var autoConfirmReq = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
+        if (autoConfirmReq.CannotCreateNewOrganization())
         {
-            var autoConfirmReq = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id);
-            if (autoConfirmReq.CannotCreateNewOrganization())
-            {
-                return new SingleOrgPolicyViolationError();
-            }
+            return new SingleOrgPolicyViolationError();
         }
 
         var anySingleOrgPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(user.Id, PolicyType.SingleOrg);

@@ -31,7 +31,6 @@ public class SelfHostedOrganizationSignUpCommand : ISelfHostedOrganizationSignUp
     private readonly ILicensingService _licensingService;
     private readonly IGlobalSettings _globalSettings;
     private readonly IStripePaymentService _paymentService;
-    private readonly IFeatureService _featureService;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
 
     public SelfHostedOrganizationSignUpCommand(
@@ -46,7 +45,6 @@ public SelfHostedOrganizationSignUpCommand(
         ILicensingService licensingService,
         IGlobalSettings globalSettings,
         IStripePaymentService paymentService,
-        IFeatureService featureService,
         IPolicyRequirementQuery policyRequirementQuery)
     {
         _organizationRepository = organizationRepository;
@@ -60,7 +58,6 @@ public SelfHostedOrganizationSignUpCommand(
         _licensingService = licensingService;
         _globalSettings = globalSettings;
         _paymentService = paymentService;
-        _featureService = featureService;
         _policyRequirementQuery = policyRequirementQuery;
     }
 
@@ -107,15 +104,12 @@ public SelfHostedOrganizationSignUpCommand(
 
     private async Task ValidateSignUpPoliciesAsync(Guid ownerId)
     {
-        if (_featureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
-        {
-            var requirement = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerId);
+        var requirement = await _policyRequirementQuery.GetAsync<AutomaticUserConfirmationPolicyRequirement>(ownerId);
 
-            if (requirement.CannotCreateNewOrganization())
-            {
-                throw new BadRequestException("You may not create an organization. You belong to an organization " +
-                                              "which has a policy that prohibits you from being a member of any other organization.");
-            }
+        if (requirement.CannotCreateNewOrganization())
+        {
+            throw new BadRequestException("You may not create an organization. You belong to an organization " +
+                                          "which has a policy that prohibits you from being a member of any other organization.");
         }
 
         var singleOrgRequirement = await _policyRequirementQuery.GetAsync<SingleOrganizationPolicyRequirement>(ownerId);