mirror of
https://github.com/bitwarden/help
synced 2025-12-22 19:23:19 +00:00
906e2ca0dd
* initial commit
* adding quotes for the array error
* Create Gemfile
* Create Gemfile.lock
* add .nvmrc and .node-version
* removed /article from URL
* update links to work with netlify
* more fixed links
* link fixes
* update bad links
* Update netlify.toml
toml test for redirects
* article redirect
* link fixes
* Update index.html
* Update netlify.toml
* Update _config.yml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* Update netlify.toml
* add article back into URL for launch
* Update netlify.toml
* Update netlify.toml
* add order to categories front matter
* Update netlify.toml
* update
* sidemenu update
* Revert "sidemenu update"
This reverts commit 5441c3d35c.
* update order prop
* Navbar updates per Gary and compiler warnings
* font/style tweaks
* Update sidebar.html
* Stage Release Documentation (#739)
* initial drafts
* rewrite Custom Fields article to prioritize new context-menu option & better organize ancillary information
* edit
* edit
* Custom Field Context Menu & CAPTCHA item in release notes
* SSO relink event
* update rn
* small edits
* improve release notes titles
* fix side menu
* Edits courtest of mportune!
* update order
* link fixes
* link cleanup
* image updates and a link
* fix trailing slash
Co-authored-by: DanHillesheim <79476558+DanHillesheim@users.noreply.github.com>
56 lines
2.9 KiB
Markdown
56 lines
2.9 KiB
Markdown
---
|
|
layout: article
|
|
title: CLI Authentication Challenges
|
|
categories: [miscellaneous]
|
|
featured: false
|
|
popular: false
|
|
tags: [cli, captcha]
|
|
---
|
|
|
|
The August 2021 release of Bitwarden (**2021-09-21**) introduced [Captcha](https://www.hcaptcha.com/about){:target="\_blank"} requirements to increase security against bot traffic. On the CLI, Captcha challenges are substituted with authentication challenges that can validated using your account's [Personal API Key]({{site.baseurl}}/article/personal-api-key) `client_secret`.
|
|
|
|
## Get your Personal API Key
|
|
|
|
To get your Personal API Key:
|
|
|
|
1. Log in to the [Web Vault](https://vault.bitwarden.com){:target="\_blank"} and select the **Settings** tab.
|
|
2. From the **My Account** screen, scroll down to the **API Key** section.
|
|
3. Select the **View API Key** button and enter your Master Password to validate access.
|
|
4. From the **API Key** dialog box, copy the **client_secret:** value, which is a random string like `efrbgT9C6BogEfXi5pZc48XyJjfpR`.
|
|
|
|
## Answering Challenges
|
|
|
|
Depending on your preferences, you can [save an environment variable](#answer-challenges-with-an-environment-variable) to automatically pass authentication challenges or [manually enter](#using-the-prompt) your `client_secret` whenever a challenge is made:
|
|
|
|
{% callout success %}
|
|
Aside from using environment variable, any possible challenge is automatically bypassed when using the `bw login --apikey` method. [Learn more]({{site.baseurl}}/article/cli/#using-an-api-key).
|
|
{% endcallout %}
|
|
|
|
### Answer Challenges with an Environment Variable
|
|
|
|
Authentication challenges will look for a non-empty environment variables `BW_CLIENTSECRET` before prompting you to enter one manually. Saving this variable with the [retrieved client_secret value](#get-your-personal-api-key) will allow you to automatically pass authentication challenges. To save this environment variable:
|
|
|
|
{% icon fa-linux %} {% icon fa-apple %} Bash
|
|
```
|
|
export BW_CLIENTSECRET="client_secret"
|
|
```
|
|
|
|
{% icon fa-windows %} PowerShell
|
|
```
|
|
env:BW_CLIENTSECRET="client_secret"
|
|
```
|
|
|
|
{% callout warning %}
|
|
If your `client_secret` is incorrect, you will receive an error. In most cases, this is because you have [rotated your API Key]({{site.baseurl}}/article/personal-api-key/#rotate-your-api-key) since saving the variable. [Use the above steps](#get-your-personal-api-key) to retrieve the correct value.
|
|
{% endcallout %}
|
|
|
|
### Answer Challenges Manually
|
|
|
|
When an authentication challenge is made and no `BW_CLIENTSECRET` value is found, you will be prompted to manually enter your `client_secret` value:
|
|
|
|
{% image cli/cli-captcha-1-markup.png Login Prompt with Auth Challenge %}
|
|
|
|
{% callout warning %}
|
|
If your `client_secret` is incorrect, you will receive an error. In most cases, this is because you have [rotated your API Key]({{site.baseurl}}/article/personal-api-key/#rotate-your-api-key) since saving the variable. [Use the above steps](#get-your-personal-api-key) to retrieve the correct value.
|
|
{% endcallout %}
|