help/_articles/features/uri-match-detection.md

layout, title, categories, featured, popular, tags, order

layout	title	categories	featured	popular	tags	order
article	Using URIs	auto-fill	false	false	uri match detection autofill	05

Any Login item in your Vault can be created with or edited to include one or more URI (Uniform Resource Identifier). A URI can be a website address (i.e. a URL), a Server IP Address, a Mobile App Package ID, and more.

{% image uri.png Login item URI fields in the Web Vault %}

{% callout success %} Assigning URIs to Login items is required if you want to use auto-fill functionality in the various Bitwarden client applications. {% endcallout %}

URI Schemes

Well-formed URIs should include a scheme at the beginning, for example the https:// scheme to securely reference a website address. If no scheme is specified, http:// is assumed.

{% callout success %} Most Bitwarden client applications allow you to {% icon fa-share-square %} Launch an website or app directly from your Vault. Without a scheme, Launch won't work properly. {% endcallout %}

Schemes include:

• http:// or https:// reference website addresses (e.g. https://github.com)
• androidapp:// references an Android Application Package ID or Name (e.g. androidapp://com.twitter.android)

{% callout success %} An easy way to obtain the proper URI for an Android app is to use a web browser to visit the App's page in the Google Play store. The URI for the app will appear in the URL as an ?id= query parameter (e.g. https://play.google.com/store/apps/details?id=com.twitter.android). Learn more. {% endcallout %}

Match Detection Options

Each URI assigned to a Login item has an associated Match Detection option. This option determines when and whether Bitwarden will offer the Login as an available option for auto-fill, typically determined by matching against specific component pieces. The following graphic breaks down component pieces of a URI:

{% image autofill/urlgraphic.png %}

Default match detection

Bitwarden Browser Extensions and Mobile Apps can select a Default match detection behavior from the options listed below by navigating to {% icon fa-cogs %}Settings → Options → Default URI Match Detection. You can also set match detection behavior on an item-by-item basis, which will override the global default.

By default, Bitwarden will use Base domain matching as the default option.

Base domain

Selecting Base domain will prompt Bitwarden to offer auto-fill when the top-level domain and second-level domain of a Login's URI value match the detected resource.

For example, if the URI value https://google.com uses base domain match detection:

URL	Auto-fill?
http://google.com
https://accounts.google.com
https://google.net
http://yahoo.com

Host

Selecting Host will prompt Bitwarden to offer auto-fill when the hostname and (if specified) port of the Login's URI value matches the detected resource.

For example, if the URI value https://sub.domain.com:4000 uses host match detection:

URL	Auto-fill?
http://sub.domain.com:4000
https://sub.domain.com:4000/page.html
https://domain.com
https://sub.domain.com
https://sub2.sub.domain.com:4000
https://sub.domain.com:5000

Starts with

Selecting Starts with will prompt Bitwarden to offer auto-fill when the detected resource starts with the Login URI value, regardless of what follows it.

For example, if the URI value https://sub.domain.com/path/ uses starts with match detection:

URL	Auto-fill?
https://sub.domain.com/path/
https://sub.domain.com/path/page.html
https://sub.domain.com
https://sub.domain.com:4000/path/page.html (interrupted with a port)
https://sub.domain.com/path (absent trailing slash)

Regular expression

{% callout info %} Regular expressions are an advanced option and can be quite dangerous if used incorrectly. You should not use this option if you do not know exactly what you're doing. {% endcallout %}

Selecting Regular expression will prompt Bitwarden to offer auto-fill when the detected resources matches a specified regular expression{:target="_blank"}. Regular expressions are always case insensitive.

Unsafe example

If the URI value ^https://.*google\.com$ uses regular expression match detection:

URL	Auto-fill?
https://google.com
https://sub.google.com
https://malicious-site.com?q=google.com
http://google.com
https://yahoo.com

This probably matches more than what is intended. Consider avoiding periods (.), which unless escaped (\) match on any character.

Safe example

If the URI value ^https://[a-z]+\.wikipedia\.org/w/index\.php uses regular expression match detection:

URL	Auto-fill?
https://en.wikipedia.org/w/index.php?title=Special:UserLogin&returnto=Bitwarden
https://pl.wikipedia.org/w/index.php?title=Specjalna:Zaloguj&returnto=Bitwarden
https://en.wikipedia.org/w/index.php
https://malicious-site.com
https://en.wikipedia.org/wiki/Bitwarden

Exact

Selecting Exact will prompt Bitwarden to offer auto-fill when the Login URI value matches the detected resource exactly.

For example, if the URI value https://www.google.com/page.html uses exact match detection:

URL	Auto-fill?
https://www.google.com/page.html
http://www.google.com/page.html
https://www.google.com/page.html?query=123
https://www.google.com

Never

Selecting Never will prompt Bitwarden to never offer auto-fill for the Login item.