Self-hosted Bitwarden-compatible server in Rust, light enough to run where the official service is too heavy
- Stars62.3k
- Forks2.9k
- Open Issues49
AGPL-3.0
- Rust
- Handlebars
- TypeScript
About Vaultwarden
Vaultwarden is an alternative server implementation of the Bitwarden Client API, written in Rust and compatible with the official Bitwarden clients. It targets self-hosted deployments where the official, resource-heavy service is not ideal, keeping your vault on hardware you own. Formerly Bitwarden_RS, it is not associated with Bitwarden, Inc.
Implementing nearly all of the Bitwarden Client API, it lets existing mobile, desktop, and browser clients connect directly. Supported features include the personal vault, Send, attachments, and organizations with collections, sharing, roles, and policies. Two-step login works via authenticator, email, FIDO2 WebAuthn, YubiKey, and Duo, plus emergency access.
Vaultwarden ships as official container images on ghcr.io, Docker Hub, and Quay, run behind a reverse proxy with a mounted volume for persistent data. It bundles a modified Bitwarden web vault and a built-in admin backend for managing the instance, and requires HTTPS for the Web Crypto API.
Key features
- Nearly complete Bitwarden Client API, works with official clients
- Personal vault, Send, attachments, and website icons
- Organizations with collections, sharing, roles, and groups
- Two-step login: authenticator, email, FIDO2 WebAuthn, YubiKey, Duo
- Built-in admin backend and bundled modified web vault
Details
- First released
- 2018
- Self-hosting
- Designed for self-hosted deployment
- Language
- Rust · Rocket web framework
- Clients
- Compatible with official Bitwarden apps
- Transport
- HTTPS required (Web Crypto API)
- Governance
- Community maintainers, not Bitwarden Inc.