[GH-ISSUE #5349] New member shows invited when the email was not sent #2125

New issue

Closed

opened 2026-03-03 02:15:35 +03:00 by kerem · 6 comments

kerem commented 2026-03-03 02:15:35 +03:00

Owner

Copy link

Originally created by @abacef on GitHub (Jan 5, 2025).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5349

Vaultwarden Support String

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.32.7
• Web-vault version: v2024.6.2c
• OS/Arch: linux/x86_64
• Running within a container: true (Base: Debian)
• Database type: SQLite
• Database version: 3.46.0
• Environment settings overridden!: false
• Uses a reverse proxy: false
• Internet access: true
• Internet access via a proxy: false
• DNS Check: true
• Browser/Server Time Check: true
• Server/NTP Time Check: true
• Domain Configuration Check: false
• HTTPS Check: false
• Websocket Check: true
• HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "****://*********",
  "domain_origin": "****://*********",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "****************************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "**************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "****************************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

1.32.7

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

N/A

Host/Server Operating System

Linux

Operating System Version

Debian

Clients

Web Vault

Client Version

No response

Steps To Reproduce

Fresh deployment with for example an incorrect app password for Gmail SMTP, create an org, add a user, it will send an email but give an error because the app password is wrong, but the members page will show the new member as invited when they are not

Expected Result

The new member is not in the database and not shown as invited

Actual Result

The member is shown as invited

Logs

No response

Screenshots or Videos

No response

Additional Context

No response

Originally created by @abacef on GitHub (Jan 5, 2025). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5349 ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.32.7 * Web-vault version: v2024.6.2c * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Database type: SQLite * Database version: 3.46.0 * Environment settings overridden!: false * Uses a reverse proxy: false * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: false * HTTPS Check: false * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "****://*********", "domain_origin": "****://*********", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "fido2-vault-credentials", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "****************************", "smtp_from_name": "Vaultwarden", "smtp_host": "**************", "smtp_password": "***", "smtp_port": 465, "smtp_security": "force_tls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "****************************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.32.7 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy N/A ### Host/Server Operating System Linux ### Operating System Version Debian ### Clients Web Vault ### Client Version _No response_ ### Steps To Reproduce Fresh deployment with for example an incorrect app password for Gmail SMTP, create an org, add a user, it will send an email but give an error because the app password is wrong, but the members page will show the new member as invited when they are not ### Expected Result The new member is not in the database and not shown as invited ### Actual Result The member is shown as invited ### Logs _No response_ ### Screenshots or Videos _No response_ ### Additional Context _No response_

kerem 2026-03-03 02:15:35 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-03-03 02:15:36 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (Jan 5, 2025):

Why shouldn't the Member be in an invited state?
You can always resend the invite from the member page.

<!-- gh-comment-id:2571543136 --> @BlackDex commented on GitHub (Jan 5, 2025): Why shouldn't the Member be in an invited state? You can always resend the invite from the member page.

kerem commented 2026-03-03 02:15:36 +03:00

Author

Owner

Copy link

@abacef commented on GitHub (Jan 5, 2025):

A definition of invited that makes sense to me is that vaultwarden successfully sent an email to the given email address. When I see that the member is invited I think that the user that was invited has to take action next, but this is not true, in reality the system administrator needs to take action next

<!-- gh-comment-id:2571546700 --> @abacef commented on GitHub (Jan 5, 2025): A definition of invited that makes sense to me is that vaultwarden successfully sent an email to the given email address. When I see that the member is invited I think that the user that was invited has to take action next, but this is not true, in reality the system administrator needs to take action next

kerem commented 2026-03-03 02:15:36 +03:00

Author

Owner

Copy link

@stefan0xC commented on GitHub (Jan 5, 2025):

Well, consider it the other way. We create a temporary user, send the invitation successfully and then there is an error trying to save everything to the database. That would be worse, wouldn't it?

You got an error message that the mail was not sent successfully? Why not contact your system administration then?

<!-- gh-comment-id:2571561091 --> @stefan0xC commented on GitHub (Jan 5, 2025): Well, consider it the other way. We create a temporary user, send the invitation successfully and then there is an error trying to save everything to the database. That would be worse, wouldn't it? You got an error message that the mail was not sent successfully? Why not contact your system administration then?

kerem commented 2026-03-03 02:15:36 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (Jan 5, 2025):

Well, we could do not save the user yet, send the mail and after that save the user. Though not sure if that is possible with the mail invite send. Else we could always delete the user upon error.

But as you mentioned, there is a nice message the sending the mail failed. But it is also a bit strange that the invite screen stays visible and trying to save it again will result in an other message that the user already exist.

<!-- gh-comment-id:2571564613 --> @BlackDex commented on GitHub (Jan 5, 2025): Well, we could do not save the user yet, send the mail and after that save the user. Though not sure if that is possible with the mail invite send. Else we could always delete the user upon error. But as you mentioned, there is a nice message the sending the mail failed. But it is also a bit strange that the invite screen stays visible and trying to save it again will result in an other message that the user already exist.

kerem commented 2026-03-03 02:15:37 +03:00

Author

Owner

Copy link

@stefan0xC commented on GitHub (Jan 5, 2025):

Else we could always delete the user upon error.

I think this would be worth exploring. On my system I have a number of invited users that do not work (e.g. because they start with mailto: or had typos in the mail address). If the user records did not persist when there was an error that would help a lot.

<!-- gh-comment-id:2571571805 --> @stefan0xC commented on GitHub (Jan 5, 2025): > Else we could always delete the user upon error. I think this would be worth exploring. On my system I have a number of invited users that do not work (e.g. because they start with `mailto:` or had typos in the mail address). If the user records did not persist when there was an error that would help a lot.

kerem commented 2026-03-03 02:15:37 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (Jan 5, 2025):

I started on a PR to change this, see #5350
There are still some items to address, since this needs to be done on multiple other locations too.
But i think this should work, it at least works for the member invite via the organization console.

<!-- gh-comment-id:2571644527 --> @BlackDex commented on GitHub (Jan 5, 2025): I started on a PR to change this, see #5350 There are still some items to address, since this needs to be done on multiple other locations too. But i think this should work, it at least works for the member invite via the organization console.

kerem referenced this issue 2026-03-03 09:25:39 +03:00

[PR #2125] [MERGED] Enabled trust-dns and some updates. #3054

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.8

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#2125

No description provided.