An alternative server implementation of the Bitwarden Client API, written in Rust and compatible with official Bitwarden clients [disclaimer], perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

---

Important

When using this server, please report any bugs or suggestions directly to us (see Get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official Bitwarden support channels.

Features

A nearly complete implementation of the Bitwarden Client API is provided, including:

• Personal Vault
• Send
• Attachments
• Website icons
• Personal API Key
• Organizations
  • Collections, Password Sharing, Member Roles, Groups, Event Logs, Admin Password Reset, Directory Connector, Policies
• Multi/Two Factor Authentication
  • Authenticator, Email, FIDO2 WebAuthn, YubiKey, Duo
• Emergency Access
• Vaultwarden Admin Backend
• Modified Web Vault client (Bundled within our containers)

Usage

Important

Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault via HTTPS or localhost.

This can be configured in Vaultwarden directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy or Traefik (see examples linked above).

Tip

For more detailed examples on how to install, use and configure Vaultwarden you can check our Wiki.

The main way to use Vaultwarden is via our container images which are published to ghcr.io, docker.io and quay.io.

There are also community driven packages which can be used, but those might be lagging behind the latest version or might deviate in the way Vaultwarden is configured, as described in our Wiki.

Docker/Podman CLI

Pull the container image and mount a volume from the host for persistent storage.
You can replace docker with podman if you prefer to use podman.

docker pull vaultwarden/server:latest
docker run --detach --name vaultwarden \
  --env DOMAIN="https://vw.domain.tld" \
  --volume /vw-data/:/data/ \
  --restart unless-stopped \
  --publish 80:80 \
  vaultwarden/server:latest

This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.

Docker Compose

To use Docker compose you need to create a compose.yaml which will hold the configuration to run the Vaultwarden container.

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    environment:
      DOMAIN: "https://vw.domain.tld"
    volumes:
      - ./vw-data/:/data/
    ports:
      - 80:80

Get in touch

Have a question, suggestion or need help? Join our community on Matrix, GitHub Discussions or Discourse Forums.

Encountered a bug or crash? Please search our issue tracker and discussions to see if it's already been reported. If not, please start a new discussion or create a new issue. Ensure you're using the latest version of Vaultwarden and there aren't any similar issues open or closed!

Contributors

Thanks for your contribution to the project!

Disclaimer

This project is not associated with Bitwarden or Bitwarden, Inc.

However, one of the active maintainers for Vaultwarden is employed by Bitwarden and is allowed to contribute to the project on their own time. These contributions are independent of Bitwarden and are reviewed by other maintainers.

The maintainers work together to set the direction for the project, focusing on serving the self-hosting community, including individuals, families, and small organizations, while ensuring the project's sustainability.

Please note: We cannot be held liable for any data loss that may occur while using Vaultwarden. This includes passwords, attachments, and other information handled by the application. We highly recommend performing regular backups of your files and database. However, should you experience data loss, we encourage you to contact us immediately.

Bitwarden_RS

This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues.
Please see #1642 - v1.21.0 release and project rename to Vaultwarden for more explanation.