[AC-1145] Add trusted devices option to SSO Config Data (#2909)

* [AC-1145] Add TDE feature flag

* [AC-1145] Update .gitignore to ignore flags.json in the Api project

* [AC-1145] Introduce MemberDecryptionType property on SsoConfigurationData

* [AC-1145] Add MemberDecryptionType to the SsoConfigurationDataRequest model

* [AC-1145] Automatically enable password reset policy on TDE selection

* [AC-1145] Remove references to obsolete KeyConnectorEnabled field

* [AC-1145] Formatting

* [AC-1145] Update XML doc reference to MemberDecryptionType

src/Core/Auth/Models/Data/SsoConfigurationData.cs

@@ -22,7 +22,25 @@ public class SsoConfigurationData
 
     public SsoType ConfigType { get; set; }
 
-    public bool KeyConnectorEnabled { get; set; }
+    public MemberDecryptionType MemberDecryptionType { get; set; }
+
+    /// <summary>
+    /// Legacy property to determine if KeyConnector was enabled.
+    /// Kept for backwards compatibility with old configs that will not have
+    /// the new <see cref="MemberDecryptionType"/> when deserialized from the database.
+    /// </summary>
+    [Obsolete("Use MemberDecryptionType instead")]
+    public bool KeyConnectorEnabled
+    {
+        get => MemberDecryptionType == MemberDecryptionType.KeyConnector;
+        set
+        {
+            if (value)
+            {
+                MemberDecryptionType = MemberDecryptionType.KeyConnector;
+            }
+        }
+    }
     public string KeyConnectorUrl { get; set; }
 
     // OIDC