starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-26 01:35:54 +03:00
Code Issues 39 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #920] Sign up after invitation is broken #654

New issue
Closed
opened 2026-03-03 02:01:46 +03:00 by kerem · 15 comments
kerem commented 2026-03-03 02:01:46 +03:00
Owner
Copy link

Originally created by @paradeiser on GitHub (Mar 19, 2020).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/920

It's not possible to create account after invitation

my variables are

  "signups_allowed": false,
  "invitations_allowed": true,

hence: Public signups are disallowed, but invited email addresses are able to create an account.
Before the latest update all worked as expected - no changes to setup since then.
Behaviour as expected when using vault.bitwarden.com

My environment

  • Bitwarden_rs version: 1.14-2ee07ea1
  • Install method: Synology Docker

Steps to reproduce

  1. A logged in user invites a new user to an organisation
  2. Invited user clicks button "Join Organization Now" in invitation mail
  3. Bitwarden website pops up, hit the button "Create Account"

Expected behaviour

  1. Usually a form would show up, asking for name, master-password, hint, etc.

Actual behaviour

  1. The usual form pops up just for a second, then user gets kicked to log-in page with error

"Logged out - Session expired"

Bildschirmfoto 2020-03-19 um 18 38 22

tried different browsers, cleared all cookies and browser-data; restarted docker.

Originally created by @paradeiser on GitHub (Mar 19, 2020). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/920 ### It's not possible to create account after invitation my variables are ``` "signups_allowed": false, "invitations_allowed": true, ``` hence: Public signups are disallowed, but invited email addresses are able to create an account. Before the latest update all worked as expected - no changes to setup since then. Behaviour as expected when using vault.bitwarden.com ### My environment <!-- The version number, obtained from the logs or the admin page --> * Bitwarden_rs version: 1.14-2ee07ea1 <!-- How the server was installed: Docker image / package / built from source --> * Install method: Synology Docker ### Steps to reproduce 1. A logged in user invites a new user to an organisation 2. Invited user clicks button "Join Organization Now" in invitation mail 3. Bitwarden website pops up, hit the button "Create Account" ### Expected behaviour 4. Usually a form would show up, asking for name, master-password, hint, etc. ### Actual behaviour 4. The usual form pops up just for a second, then user gets kicked to log-in page with error > "Logged out - Session expired" <img width="317" alt="Bildschirmfoto 2020-03-19 um 18 38 22" src="https://user-images.githubusercontent.com/43011936/77100161-7bacc880-6a15-11ea-88e3-88e6a298162e.png"> tried different browsers, cleared all cookies and browser-data; restarted docker.
kerem closed this issue 2026-03-03 02:01:46 +03:00
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 19, 2020):

I think this will be fixed with the latest build based upon the latest commit which is not build as of yet.

I can't check at this moment if that is the case, but if i check the link it uses it should.

<!-- gh-comment-id:601414209 --> @BlackDex commented on GitHub (Mar 19, 2020): I think this will be fixed with the latest build based upon the latest commit which is not build as of yet. I can't check at this moment if that is the case, but if i check the link it uses it should.
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 19, 2020):

Well just tested it. Doesn't solve it. So this is something else.

<!-- gh-comment-id:601433089 --> @BlackDex commented on GitHub (Mar 19, 2020): Well just tested it. Doesn't solve it. So this is something else.
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@Stiefmeister commented on GitHub (Mar 20, 2020):

Got the same problem - first thought it had something to do with my reverse proxy setup (letsencrypt); but behavior is the same locally. Tried different browsers as well, no luck

<!-- gh-comment-id:601548820 --> @Stiefmeister commented on GitHub (Mar 20, 2020): Got the same problem - first thought it had something to do with my reverse proxy setup (letsencrypt); but behavior is the same locally. Tried different browsers as well, no luck
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 20, 2020):

This has something to do with the new policies in the latest web-vault 2.13.1.

<!-- gh-comment-id:601568873 --> @BlackDex commented on GitHub (Mar 20, 2020): This has something to do with the new policies in the latest web-vault 2.13.1.
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@Stiefmeister commented on GitHub (Mar 20, 2020):

Had a look at the logs, seems some kind of access token is expected for invited users!?

[2020-03-20 09:32:34][request][INFO] GET /api/organizations/_/policies/token?token=#################
[2020-03-20 09:32:34][auth][ERROR] Unauthorized Error: No access token provided
[2020-03-20 09:32:34][response][INFO] GET /api/organizations/<org_id>/policies/<pol_type> (get_policy) => 401 Unauthorized

<!-- gh-comment-id:601603149 --> @Stiefmeister commented on GitHub (Mar 20, 2020): Had a look at the logs, seems some kind of access token is expected for invited users!? [2020-03-20 09:32:34][request][INFO] GET /api/organizations/_/policies/token?token=################# [2020-03-20 09:32:34][auth][ERROR] Unauthorized Error: No access token provided [2020-03-20 09:32:34][response][INFO] GET /api/organizations/<org_id>/policies/<pol_type> (get_policy) => 401 Unauthorized
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 20, 2020):

Yea, we found what the issue is.
This is because of the new policy rules which are available in the latest web-vault.
There you can enforce specific password policies etc..
That is what is breaking the invites now.

<!-- gh-comment-id:601610259 --> @BlackDex commented on GitHub (Mar 20, 2020): Yea, we found what the issue is. This is because of the new policy rules which are available in the latest web-vault. There you can enforce specific password policies etc.. That is what is breaking the invites now.
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 20, 2020):

btw. you can workaround this by using an older web-vault which does not have this.
You need to download https://github.com/dani-garcia/bw_web_builds/releases/tag/v2.12.0e extract it in a specific folder in your data folder. And then configure bitwarden_rs via the WEB_VAULT_FOLDER env variable to use that specific folder.

<!-- gh-comment-id:601611755 --> @BlackDex commented on GitHub (Mar 20, 2020): btw. you can workaround this by using an older web-vault which does not have this. You need to download https://github.com/dani-garcia/bw_web_builds/releases/tag/v2.12.0e extract it in a specific folder in your data folder. And then configure bitwarden_rs via the `WEB_VAULT_FOLDER` env variable to use that specific folder.
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@paradeiser commented on GitHub (Mar 20, 2020):

Thanks!
Is there an ETA for a release that fixes this bug?

<!-- gh-comment-id:601614484 --> @paradeiser commented on GitHub (Mar 20, 2020): Thanks! Is there an ETA for a release that fixes this bug?
kerem commented 2026-03-03 02:01:47 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Mar 20, 2020):

Fix is committed, now we have to wait for the all mighty docker hub to finish the new build.

<!-- gh-comment-id:601622514 --> @BlackDex commented on GitHub (Mar 20, 2020): Fix is committed, now we have to wait for the all mighty docker hub to finish the new build.
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@Stiefmeister commented on GitHub (Mar 20, 2020):

Fix is committed, now we have to wait for the all mighty docker hub to finish the new build.

Thanks for the swift fix/ support!

<!-- gh-comment-id:601631280 --> @Stiefmeister commented on GitHub (Mar 20, 2020): > > > Fix is committed, now we have to wait for the all mighty docker hub to finish the new build. Thanks for the swift fix/ support!
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@paradeiser commented on GitHub (Mar 20, 2020):

superb! merci and thanks a lot!

<!-- gh-comment-id:601638622 --> @paradeiser commented on GitHub (Mar 20, 2020): superb! merci and thanks a lot!
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@paradeiser commented on GitHub (Mar 20, 2020):

I can confirm: latest build is up and fixed the issue. Thanks a lot!

<!-- gh-comment-id:601838849 --> @paradeiser commented on GitHub (Mar 20, 2020): I can confirm: latest build is up and fixed the issue. Thanks a lot!
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@dani-garcia commented on GitHub (Mar 21, 2020):

This should be fixed now in 1.14.1, but it might take some hours for the docker images to build still.

<!-- gh-comment-id:602084238 --> @dani-garcia commented on GitHub (Mar 21, 2020): This should be fixed now in 1.14.1, but it might take some hours for the docker images to build still.
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@samgaw58 commented on GitHub (May 28, 2021):

I am running Vaultwarden V1.21.1 on Portainer and I am getting the same error. If I invite a new user, click the email link and then click create account I get the same error that the user already exists.
Is there any workaround I can do?

<!-- gh-comment-id:850604478 --> @samgaw58 commented on GitHub (May 28, 2021): I am running Vaultwarden V1.21.1 on Portainer and I am getting the same error. If I invite a new user, click the email link and then click create account I get the same error that the user already exists. Is there any workaround I can do?
kerem commented 2026-03-03 02:01:48 +03:00
Author
Owner
Copy link

@samgaw58 commented on GitHub (May 28, 2021):

Here are the last three lines of the logs

[2021-05-28 19:02:35.196][request][INFO] POST /api/accounts/register

[2021-05-28 19:02:35.196][vaultwarden::api::core::accounts][ERROR] User already exists

[2021-05-28 19:02:35.196][response][INFO] POST /api/accounts/register (register) => 400 Bad Request

<!-- gh-comment-id:850610926 --> @samgaw58 commented on GitHub (May 28, 2021): Here are the last three lines of the logs [2021-05-28 19:02:35.196][request][INFO] POST /api/accounts/register [2021-05-28 19:02:35.196][vaultwarden::api::core::accounts][ERROR] User already exists [2021-05-28 19:02:35.196][response][INFO] POST /api/accounts/register (register) => 400 Bad Request
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
revert-7033-patch-1
cached-config-operations
test_dylint
1.35.8
1.35.7
1.35.6
1.35.5
1.35.4
1.35.3
1.35.2
1.35.1
1.35.0
1.34.3
1.34.2
1.34.1
1.34.0
1.33.2
1.33.1
1.33.0
1.32.7
1.32.6
1.32.5
1.32.4
1.32.3
1.32.2
1.32.1
1.32.0
1.31.0
1.30.5
1.30.4
1.30.3
1.30.2
1.30.1
1.30.0
1.29.2
1.29.1
1.29.0
1.28.1
1.28.0
1.27.0
1.26.0
1.25.2
1.25.1
1.25.0
1.24.0
1.23.1
1.23.0
1.22.2
1.22.1
1.22.0
1.21.0
1.20.0
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.1
1.15.0
1.14.2
1.14.1
1.14
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.1
1.9.0
1.8.0
1.7.0
1.6.1
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.13.0
0.12.0
0.11.0
0.10.0
0.9.0
Labels
Clear labels   
SSO

   
Third party

   
better for forum

   
bug

   
bug

   
documentation

   
duplicate

   
enhancement

   
future Vault

   
future Vault

   
future Vault

   
good first issue

   
help wanted

   
low priority

   
notes

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
troubleshooting

   
wontfix
No labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
question
troubleshooting
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/vaultwarden#654
No description provided.