The Bitwarden integration allows you to ingest security-relevant events from your Bitwarden organization, including:Documentation Index
Fetch the complete documentation index at: https://docs.wirespeed.co/llms.txt
Use this file to discover all available pages before exploring further.
- User authentication: Track successful and failed login attempts, password changes, and two-factor authentication events
- Vault activity: Monitor item creation, access, and modifications
- Organization management: See user invitations, role changes, and policy updates
- Secrets Manager events: Track access to secrets, projects, and machine accounts
Prerequisites
Before setting up this integration, ensure you have:- A Bitwarden Teams or Enterprise organization
- Owner privileges in your Bitwarden organization
- Access to the Bitwarden Admin Console
The Bitwarden Public API is available for Teams and Enterprise organizations only.
Step 1: Obtain Your Organization API Key
- Sign in to your Bitwarden Web Vault
- Open the Admin Console using the product switcher
- Navigate to Settings → Organization info
- Scroll down to the API key section
- Click View API Key (you may need to re-authenticate)
- Copy both the client_id and client_secret
Step 2: Identify Your Server URLs
Bitwarden uses different server URLs based on your hosting option and region:Cloud-Hosted (US)
| Server Type | URL |
|---|---|
| API Server | https://api.bitwarden.com |
| Identity Server | https://identity.bitwarden.com |
Cloud-Hosted (EU)
| Server Type | URL |
|---|---|
| API Server | https://api.bitwarden.eu |
| Identity Server | https://identity.bitwarden.eu |
Self-Hosted
| Server Type | URL |
|---|---|
| API Server | https://your.domain.com/api |
| Identity Server | https://your.domain.com/identity |
Step 3: Add the Integration in Wirespeed
- Log in to Wirespeed and navigate to Integrations > Add Integration
- Search for and select Bitwarden
- Enter the following information:
- API Server URL: The API server URL from Step 2
- Identity Server URL: The identity server URL from Step 2
- Client ID: The client_id from Step 1
- Client Secret: The client_secret from Step 1
- Click Integrate to complete the setup
What Events Are Collected?
User Events
Authentication and account-related events:- Successful and failed login attempts
- Password changes
- Two-step login enable/disable
- Account recovery events
- Device approval requests
Item Events
Vault item activity:- Item creation, editing, and deletion
- Viewing passwords, hidden fields, and security codes
- Copying credentials
- Autofill usage
- Attachment management
Collection & Group Events
Organizational structure changes:- Collection creation, editing, and deletion
- Group management
Organization Events
Administrative actions:- User invitations, confirmations, and removals
- Role and group assignments
- SSO configuration changes
- Policy modifications
- Organization settings updates
- Vault exports and purges
Secrets Manager Events
For organizations using Bitwarden Secrets Manager:- Secret access, creation, editing, and deletion
- Project management
- Machine account changes
Troubleshooting
Authentication Errors
If you see authentication errors:- Verify your client_id and client_secret are correct
- Ensure you’re using the correct API and Identity server URLs for your region/hosting
- Check that your API key hasn’t been rotated since setup
No Events Appearing
If events aren’t showing up:- Events may take a few minutes to appear after initial setup
- Verify that activity is occurring in your Bitwarden organization
- Ensure your organization has an active Teams or Enterprise subscription
Rate Limiting
The Bitwarden Public API has rate limits. If you encounter rate limiting:- Wirespeed will automatically retry with exponential backoff
- Events will be collected on the next sync cycle