Skip to content

feat(webapp): SSO & Directory Sync settings UI improvements#4196

Merged
samejr merged 14 commits into
mainfrom
feat(webapp)-sso-ui-improvements
Jul 9, 2026
Merged

feat(webapp): SSO & Directory Sync settings UI improvements#4196
samejr merged 14 commits into
mainfrom
feat(webapp)-sso-ui-improvements

Conversation

@samejr

@samejr samejr commented Jul 8, 2026

Copy link
Copy Markdown
Member

Summary

UI/layout/copy pass over the org SSO & Directory Sync settings page (formerly "Identity & Access"). No logic, gates, flags, or data flow changed — server-side auth (manage:sso), Enterprise entitlement, action validation, and data loading are all untouched.

  • Renamed the nav item, page title, and meta from "Identity & Access" to "SSO & Directory Sync".
  • Added a reusable SettingsLayout component system (container, section, header, row, block, actions) modeled on /account/security, and refactored the SSO page onto it (section titles, dividers, left title/subtitle + right action rows).
  • Tightened all UI copy: concise, active voice, consistent labels, no em-dashes.
  • Select primitive: additive wrap, popoverClassName, and placement props (all default to prior behavior) so role options show a bright title with a wrapping description, right-aligned popover, and no horizontal overflow.
  • Removed the external-link arrow icon from buttons that open a modal; kept it only on genuinely external actions (Contact us, Open in new tab).
  • Polished the admin portal link dialog: smaller description, tighter spacing, ClipboardField with a permanent copy button, removed the redundant Copy link button, and a provider-aware Open label (e.g. "Open in WorkOS") derived from the link host with a safe fallback.

SSO page UI

CleanShot 2026-07-08 at 18 52 11@2x

Login with SSO and normal email test (local)

CleanShot.2026-07-09.at.11.30.00.mp4

Test plan

  • Non-Enterprise org: SSO page shows the upsell state
  • Enterprise org, non-Owner without manage:sso: 403
  • Enterprise Owner: verify domains, configure SSO, connect directory, JIT/default/group role selects, and enforcement toggle all work
  • Role select popovers: bright title + wrapping description, right-aligned, no horizontal scroll
  • Admin portal dialog: copy button works, "Open in WorkOS" opens the portal in a new tab

samejr and others added 6 commits July 7, 2026 16:46
Apply the /account/security section/row pattern to all SSO page states:
narrower container, title+subtitle rows separated by divides instead of
bordered boxes, secondary/primary buttons, and external-link arrows.

Co-authored-by: Cursor <cursoragent@cursor.com>
Rework the settings copy for concision and accuracy: remove em-dashes,
trim filler, use active voice, and clarify role/provisioning labels
without changing described behavior.

Co-authored-by: Cursor <cursoragent@cursor.com>
…opovers

Extract a reusable SettingsLayout component system (container, section,
header, row, block, actions) and refactor the SSO & Directory Sync page
onto it. Add SelectItem `wrap`, Select `popoverClassName`, and `placement`
so role options can show a bright title with a wrapping description and
right-align the popover to the trigger.

Co-authored-by: Cursor <cursoragent@cursor.com>
These buttons open the admin portal dialog rather than navigating away,
so the top-right arrow icon was misleading. Keep it only on the genuinely
external Contact us and Open in new tab actions.

Co-authored-by: Cursor <cursoragent@cursor.com>
Tighten the copy, shrink the description, use ClipboardField with a
permanent copy button for the URL, remove the redundant Copy link footer
button, and label the Open button with the provider derived from the link
host (e.g. Open in WorkOS) with a safe fallback.

Co-authored-by: Cursor <cursoragent@cursor.com>
@changeset-bot

changeset-bot Bot commented Jul 8, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 875c014

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai

coderabbitai Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

This PR adds reusable settings layout primitives, extends Select with popover placement, popover class, and wrapped item support, and renames the SSO side menu label. The SSO/Directory Sync settings route is refactored across server logic, client draft/polling handling, and page UI, with updated dialogs and directory sync controls. The login.magic flow now imports a separate server-only cookie module for the submitted email cookie.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title is concise and clearly summarizes the main change: SSO & Directory Sync settings UI improvements.
Description check ✅ Passed The description covers the summary, test plan, and screenshots, and it largely matches the template despite missing a few optional sections.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat(webapp)-sso-ui-improvements

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Co-authored-by: Cursor <cursoragent@cursor.com>
devin-ai-integration[bot]

This comment was marked as resolved.

coderabbitai[bot]

This comment was marked as resolved.

samejr and others added 2 commits July 8, 2026 19:03
…mprovements

Co-authored-by: Cursor <cursoragent@cursor.com>

# Conflicts:
#	apps/webapp/app/components/primitives/Select.tsx
#	apps/webapp/app/routes/_app.orgs.$organizationSlug.settings.sso/route.tsx
Co-authored-by: Cursor <cursoragent@cursor.com>
@pkg-pr-new

pkg-pr-new Bot commented Jul 8, 2026

Copy link
Copy Markdown

Open in StackBlitz

@trigger.dev/build

npm i https://pkg.pr.new/@trigger.dev/build@7646fae

trigger.dev

npm i https://pkg.pr.new/trigger.dev@7646fae

@trigger.dev/core

npm i https://pkg.pr.new/@trigger.dev/core@7646fae

@trigger.dev/python

npm i https://pkg.pr.new/@trigger.dev/python@7646fae

@trigger.dev/react-hooks

npm i https://pkg.pr.new/@trigger.dev/react-hooks@7646fae

@trigger.dev/redis-worker

npm i https://pkg.pr.new/@trigger.dev/redis-worker@7646fae

@trigger.dev/rsc

npm i https://pkg.pr.new/@trigger.dev/rsc@7646fae

@trigger.dev/schema-to-json

npm i https://pkg.pr.new/@trigger.dev/schema-to-json@7646fae

@trigger.dev/sdk

npm i https://pkg.pr.new/@trigger.dev/sdk@7646fae

commit: 7646fae

samejr and others added 5 commits July 9, 2026 10:59
The top-level createCookie call read env.NODE_ENV from ~/env.server, which
is undefined in the client bundle, so importing the route module threw. When
the inline /login email form submits (a navigation to /login/magic), Remix
loads that module, the import fails, and it hard-reloads /login instead of
following the action's redirect to /login/sso. Move the cookie into a
.server module so it never evaluates on the client.

Co-authored-by: Cursor <cursoragent@cursor.com>
Centralize login route width in LoginPageLayout so all login pages
render identically. Tighten the SSO domain policy copy and add an
external-link arrow to the "Ask about SSO" link.

Co-authored-by: Cursor <cursoragent@cursor.com>
Switch conform shouldValidate from onBlur to onSubmit so autofocused
email fields don't flash an error when blurred or on back navigation.

Co-authored-by: Cursor <cursoragent@cursor.com>
Open the feedback modal (enterprise inquiry) from the primary Contact us
button, drop the secondary link button, and inline the Enterprise badge
beside the title.

Co-authored-by: Cursor <cursoragent@cursor.com>
@samejr samejr merged commit bb450e6 into main Jul 9, 2026
29 checks passed
@samejr samejr deleted the feat(webapp)-sso-ui-improvements branch July 9, 2026 11:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants