Automation scripts and tools for Bitwarden administration

Disclaimer

Please note that the projects in Bitwarden Labs are experimental and not officially supported by Bitwarden, and are provided “as is” with no guarantees.

Welcome to Bitwarden Labs, an unofficial space for innovative and experimental tools related to the Bitwarden universe. Here, we explore and develop a variety of projects with the help of our vibrant community.

What We Do!

In Bitwarden Labs, we focus on a diverse range of projects, including but not limited to:

Confirm Accepted Users

for Secrets Manager

These scripts automate the process of confirming accepted users in your Bitwarden organization. When users accept an invitation to join your organization, an administrator must confirm them before they can access shared items.

The scripts support both Password Manager and Secrets Manager, and can be run via the Bitwarden CLI or directly through the API. Choose the version that best fits your workflow and environment.

List Organization Members

These scripts help you retrieve and display all members of your Bitwarden organization. The PowerShell version with 2FA check provides additional security validation by verifying which users have two-factor authentication enabled.

Use these scripts to audit your organization’s membership, monitor user access, or generate reports for compliance purposes.

Event Logs & SQL Cleanup

This script fetches Bitwarden event logs within a specified date range and allows you to display them in a formatted table or export them to a CSV file for further analysis.

Event logs are essential for security auditing, compliance reporting, and investigating suspicious activities in your organization. The script provides flexible filtering and export options to meet your specific needs.

downloadEventLogsToCsv.sh - Bash script to download event logs and export them to CSV format using the Bitwarden Public API

getEventLogsLiveFeed.py - Python script that provides a live feed of event logs, useful for real-time monitoring and analysis

For related event log problems and SQL cleanup solutions, refer to the event-cleanup repository (SQL and Bash scripts to permanently remove Event Log data from the database on self-hosted servers).

Remove Revoked Users

This Python script connects to the Bitwarden Public API to automate the cleanup of revoked or inactive organization members. It authenticates using the organization’s API client credentials, retrieves the current list of users, and removes any whose status value is -1 — indicating a revoked account.

Functionality

  • Requests an OAuth access token from Bitwarden’s identity service
  • Fetches the organization’s member list via the Public API
  • Identifies users with status == -1 (revoked)
  • Issues a DELETE request to remove each revoked user
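
The four steps above can be sketched as follows; this is an added example, not the Bitwarden Labs script itself. It assumes the Bitwarden cloud endpoints and the api.organization scope, and the dry_run flag, the max_removals cap and the environment variable names are hypothetical additions that keep a destructive run reviewable.

```python
import json
import os
import urllib.parse
import urllib.request

# Assumed endpoints: Bitwarden cloud (US); self-hosted servers use their own URLs.
IDENTITY_URL = "https://identity.bitwarden.com/connect/token"
API_URL = "https://api.bitwarden.com/public"
REVOKED = -1  # status value the page gives for a revoked member


def http_json(method, url, token=None, form=None):
    """Send one request; return the decoded JSON body, or None if it is empty."""
    data = urllib.parse.urlencode(form).encode() if form else None
    req = urllib.request.Request(url, data=data, method=method)
    if token:
        req.add_header("Authorization", f"Bearer {token}")
    with urllib.request.urlopen(req, timeout=30) as resp:
        body = resp.read()
    return json.loads(body) if body else None


def get_token(client_id, client_secret, send=http_json):
    """Exchange the organization API key for an OAuth access token."""
    form = {"grant_type": "client_credentials", "scope": "api.organization",
            "client_id": client_id, "client_secret": client_secret}
    return send("POST", IDENTITY_URL, form=form)["access_token"]


def remove_revoked(token, send=http_json, dry_run=True, max_removals=25):
    """Delete revoked members, return their ids (dry_run/max_removals are hypothetical)."""
    members = send("GET", f"{API_URL}/members", token=token)["data"]
    revoked = [m for m in members if m.get("status") == REVOKED]
    if len(revoked) > max_removals:
        raise RuntimeError(f"{len(revoked)} revoked members exceeds cap of {max_removals}")
    for m in revoked:
        print("would remove" if dry_run else "removing", m["id"], m.get("email"))
        if not dry_run:
            member_id = urllib.parse.quote(m["id"], safe="")
            send("DELETE", f"{API_URL}/members/{member_id}", token=token)
    return [m["id"] for m in revoked]


if __name__ == "__main__":
    # BW_CLIENT_ID / BW_CLIENT_SECRET are hypothetical environment variable names.
    tok = get_token(os.environ["BW_CLIENT_ID"], os.environ["BW_CLIENT_SECRET"])
    remove_revoked(tok, dry_run=True)  # set dry_run=False after reviewing the output
```

Run it in dry-run mode first and compare the printed ids against the organization's member list before allowing the DELETE requests.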