mirror of
https://github.com/bitwarden/help
synced 2025-12-13 23:03:26 +00:00
9be8c67fa8
* Stage (#636) * Initial Draft. To do: "How it Works" + Event Logs, User Types, Plans & Pricing, Release Notes. * whoops, missed one * Merge latest into working (#616) * Update proof-of-concept.md (#607) The "Download Bitwarden" link was going to the Apple Store (https://get.bitwarden.com/) rather than the "Downloads" page (https://bitwarden.com/download/). * Update proof-of-concept.md (#610) * Create enterprise-feature-list.md (#611) * Azure SSO HiFi Documentation (#584) * azure HiFi documentation * finalize azure * typo fixes * Google Workspace HiFi SSO Documentation (#605) * Duo HiFi documentation (#598) * Buncha Stuff (#612) * clarification on where to find legacy mac .dmg * tip for update email address * code vetting security faq * /managing-items/ refactor * two-step login 'remember me' duration * small updates, including denoting purpose of the globe icon * additional tip for deleting users in a self-host org! * uri component pieces * encryption key edit * importing cleanup * notes re: importing on file attachements * Removes custom Safari shortcut docs (#499) Bitwarden 1.25.0 on MacOS with Safari seems to use the standard MacOS shortcut for autofill (`Cmd + Shift + L`) and the custom Safari shortcuts no longer work (`Cmd + \ or Cmd + 8 or Cmd + Shift + P`). * Update Microsoft Store Installation path (#614) * Correct path for Microsoft Store app (#615) Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com> * mpwr event logging * mpwr user permissions * admin pw reset 2nd draft * final(ish) draft * password reprompt * initial bwdc updates (to do: update cli login procedure) * update personal api key article to better distingush from org api key * refactors bwdc desktop app article * clearer instructions for getting api key * bwdc cli login scheme * Bulk Org User Actions * export event logs * cli get notes * send cli --maxAccessCount * autofill on page load enhancements * onpageload TOTP copy * release notes & typo Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com> * typo fix * fix * fix * fix * mpwr final * mpw reprompt - better gif * finalize event logs * fixes to autofill o.p.l. & better screenshot * directory connector large sync * reorder rn * edits from cscharf * fix date * mp re-prompt warning * mobile re-prompt notes * downcase it * semi-vague timeline tweak Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com>
49 lines
2.4 KiB
Markdown
49 lines
2.4 KiB
Markdown
---
|
|
layout: article
|
|
title: Personal API Key for CLI Authentication
|
|
categories: [miscellaneous]
|
|
featured: false
|
|
popular: false
|
|
tags: [api key, cli]
|
|
---
|
|
|
|
Your Bitwarden Personal API Key can be used as an alternative method for authenticating into the Command Line Interface (CLI).
|
|
|
|
{% callout info %}
|
|
Your Personal API Key is **not the same** as the [Organization API Key]({{site.baseurl}}/article/public-api/#authentication) used to access the [Bitwarden Public API]({{site.baseurl}}/article/public-api/) or [Directory Connector]({{site.baseurl}}/article/directory-sync/). Personal API Keys will have a `client_id` with format `"user.clientId"`, while Organization API Keys will have a `client_id` with format `"organization.ClientId"`.
|
|
{% endcallout %}
|
|
|
|
## Get Your Personal API Key
|
|
|
|
Complete the following steps to get your Personal API Key:
|
|
|
|
1. Login to your [Web Vault](https://vault.bitwarden.com){:target="_blank"} and select the **Settings** tab.
|
|
2. From the **My Account** screen, scroll down to the **API Key** section.
|
|
3. Select the **View API Key** button will prompt you to enter your Master Password.
|
|
|
|
Once correctly entered, you will be provided the following:
|
|
- `client_id: "user.clientId"` (This value is unique to your account and does not change.)
|
|
- `client_secret: "clientSecret"` (This value is unique and can be rotated.)
|
|
- `scope: "api"` (This value will always be `"api"`.)
|
|
- `grant_type: "client_credentials"` (This value will always be `"client_credentials"`.)
|
|
|
|
### Rotate Your API Key
|
|
|
|
Select the **Rotate API Key** button to rotate your personal API Key. Rotating your Key will only change your `client_secret`.
|
|
|
|
Rotating your key will invalidate your previous key and all active sessions using that key.
|
|
|
|
## Authenticate using your API Key
|
|
|
|
To use your API Key to authenticate into the CLI, enter the following command:
|
|
```
|
|
bw login --apikey
|
|
```
|
|
which will prompt you to enter the obtained `client_id` and `client_secret` to authenticate. Once you enter these values, enter your Master Password to decrypt your Vault. For more information, see [Bitwarden command line tool (CLI)](https://bitwarden.com/help/article/cli/).
|
|
|
|
### Environment Variables
|
|
|
|
The Bitwarden CLI will look for non-empty environment variables `BW_CLIENTID` or `BW_CLIENTSECRET`. Save these environment variables with your `client_id` and `client_secret` to prevent Bitwarden from prompting you every time.
|
|
|
|
You will still need to enter your Master Password to decrypt your Vault.
|