Home

Vaultwarden

Vaultwarden is an unofficial Bitwarden server implementation written in Rust. It is compatible with the official Bitwarden clients, and is ideal for self-hosted deployments where running the official resource-heavy service is undesirable.

Vaultwarden is targeted towards individuals, families, and smaller organizations. Development of features that are mainly useful to larger organizations (e.g., single sign-on, directory syncing, etc.) is not a priority, though high-quality PRs that implement such features would be welcome.

There have been several audits done on Vaultwarden of which some are publicly available, read more about it on our Vaultwarden Audits wiki page.

Supported features

Vaultwarden implements the Bitwarden APIs required for most functionality, including:

• Web interface (equivalent to https://vault.bitwarden.com/)

• Personal vault support

• Organization vault support

• Groups, setting an environment variable is required in order to enable it)

• Event Logs

• Password sharing and access control

• Collections

• File attachments

• Folders

• Favorites

• Website icons

• Bitwarden Authenticator (TOTP)

• Bitwarden Send

• Emergency Access

• Live sync (WebSocket only) for desktop/browser clients/extensions

• Trash (soft delete)

• Master password re-prompt

• Personal API key

• Two-step login via email, Duo, YubiKey, and FIDO2 WebAuthn (including Nitrokeys and Solokeys)

• Username generator integration with SimpleLogin, AnonAddy, or Firefox Relay

• Directory Connector support

• Admin Password Reset

• Live sync (push notifications) for mobile clients (Android/iOS)

• Certain enterprise policies:

  • Require two-step login
  • Master password requirements
  • Master password reset
  • Password generator
  • Single organization
  • Remove individual vault
  • Remove Send
  • Send options

Missing features

Issue #246 contains the comprehensive list of feature requests, both features of the official server that are missing in Vaultwarden, as well as enhancements specific to Vaultwarden.

To simplify comparison with the official server, this section summarizes the features implemented in the official server that are not currently available in Vaultwarden.

Features that may be added as time permits (contributions are always welcome):

• Bitwarden Public API / Organization API key This feature is partially added, but only to support the Bitwarden Directory Connector.

Features that probably won't be added unless contributed:

• Single Sign-On (SSO)
• Custom roles
• Certain enterprise policies (UI not open source, would probably need to be configured via admin page):
  • Require single sign-on authentication
  • Vault timeout
  • Remove individual vault export

Get in touch

To ask a question, offer suggestions, request new features, or get help configuring or installing the software, please use the forum.

If you spot any bugs or crashes with Vaultwarden itself, please create an issue. Make sure there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!