server

mirror of https://github.com/bitwarden/server synced 2026-01-11 13:03:27 +00:00

Go to file

Dave 2dc4e9a420 feat(2fa-webauthn) [PM-20109]: Increase 2FA WebAuthn Security Key Limit (#6751 )

* feat(global-settings) [PM-20109]: Add WebAuthN global settings.

* feat(webauthn) [PM-20109]: Update maximum allowed WebAuthN credentials to use new settings.

* test(webauthn) [PM-20109]: Update command tests to use global configs.

* feat(global-settings) [PM-20109]: Set defaults for maximum allowed credentials.

* feat(two-factor-request-model) [PM-20109]: Remove hard-coded 5 limit on ID validation.

* Revert "test(webauthn) [PM-20109]: Update command tests to use global configs."

This reverts commit ba9f0d5fb6.

* Revert "feat(webauthn) [PM-20109]: Update maximum allowed WebAuthN credentials to use new settings."

This reverts commit d2faef0c13.

* feat(global-settings) [PM-20109]: Add WebAuthNSettings to interface for User Service consumption.

* feat(user-service) [PM-20109]: Add boundary and persistence-time validation for maximum allowed WebAuthN 2FA credentials.

* test(user-service) [PM-20109]: Update tests for WebAuthN limit scenarios.

* refactor(user-service) [PM-20109]: Typo in variable name.

* refactor(user-service) [PM-20109]: Remove unnecessary pending check.

* refactor(user-service) [PM-20109]: Pending check is necessary.

* refactor(webauthn) [PM-20109]: Re-spell WebAuthN => WebAuthn.

* refactor(user-service) [PM-20109]: Re-format pending checks for consistency.

* refactor(user-service) [PM-20109]: Fix type spelling in comments.

* test(user-service) [PM-20109]: Combine premium and non-premium test cases with AutoData.

* refactor(user-service) [PM-20109]: Swap HasPremiumAccessQuery in for CanAccessPremium.

* refactor(user-service) [PM-20109]: Convert limit check to positive, edit comments.

2025-12-29 11:55:05 -05:00

.checkmarx

Exclude dev directory from iac scans (#3807 )

2024-02-15 08:53:03 -05:00

.claude

Remove additional code review prompt file (#6754 )

2025-12-18 19:19:19 +01:00

.config

Update swashbuckle to fix API docs (#6319 )

2025-09-15 16:49:46 +02:00

.devcontainer

Devcontainer restart enhancements (#5965 )

2025-06-23 20:23:23 -04:00

.git-hooks

Add git hook for formating (#2224 )

2022-09-08 10:27:17 +02:00

.github

chore(deps): Move Cosmos cache to Auth ownership

2025-12-29 10:00:05 -05:00

.run

Add Rider launch configurations (#2646 )

2023-01-31 06:20:46 +10:00

.vscode

[pm-14415] Add recommended extensions for VS Code. (#5249 )

2025-01-14 13:38:32 -05:00

bitwarden_license

[PM-27117] Sync Stripe Customer details for Organizations and Providers in API & Admin (#6679 )

2025-12-16 07:59:05 -06:00

dev

[deps] BRE: Update rabbitmq Docker tag to v4.2.0 (#4026 )

2025-12-17 12:42:33 -05:00

perf

[deps] Billing: Update BenchmarkDotNet to 0.15.3 (#6041 )

2025-09-26 15:05:23 +00:00

src

feat(2fa-webauthn) [PM-20109]: Increase 2FA WebAuthn Security Key Limit (#6751 )

2025-12-29 11:55:05 -05:00

test

feat(2fa-webauthn) [PM-20109]: Increase 2FA WebAuthn Security Key Limit (#6751 )

2025-12-29 11:55:05 -05:00

util

[PM-27280] Support v2 encryption on key-connector signups (#6712 )

2025-12-18 13:43:03 -05:00

.dockerignore

Bitwarden Unified Self-Host project (#2410 )

2022-11-18 14:39:01 -05:00

.editorconfig

[BEEEP] Fix all CA2254 occurrences (#6357 )

2025-10-20 11:34:31 -04:00

.git-blame-ignore-revs

Add instructions (#2232 )

2022-08-30 12:17:17 -04:00

.gitattributes

Run dotnet format (#1764 )

2021-12-16 15:35:09 +01:00

.gitignore

[PM-24616] refactor stripe adapter (#6527 )

2025-12-12 15:32:43 -06:00

bitwarden-server.sln

feat(prevent-bad-existing-sso-user): [PM-24579] Prevent Existing Non Confirmed and Accepted SSO Users (#6348 )

2025-10-27 14:21:24 -04:00

CONTRIBUTING.md

Update README and CONTRIBUTING to point to contributing.bitwarden.com (#2028 )

2022-06-09 12:00:58 +02:00

Directory.Build.props

Bumped version to 2025.12.2

2025-12-15 15:42:14 +00:00

global.json

Add the Server SDK to Billing (#6727 )

2025-12-15 10:45:01 -05:00

LICENSE_AGPL.txt

split license file out to support bitwarden licensed code (#912 )

2020-09-04 13:36:22 -04:00

LICENSE_BITWARDEN.txt

Update paths to point to main instead of master (#3699 )

2024-01-24 09:48:03 -05:00

LICENSE_FAQ.md

Update paths to point to main instead of master (#3699 )

2024-01-24 09:48:03 -05:00

LICENSE.txt

Update paths to point to main instead of master (#3699 )

2024-01-24 09:48:03 -05:00

README.md

BRE-1005 docs(README): add dynamic badges for container image digests (#6769 )

2025-12-23 16:02:17 -05:00

SECURITY.md

Update SECURITY.md (#1913 )

2022-03-15 15:54:08 -04:00

TRADEMARK_GUIDELINES.md

Update TRADEMARK_GUIDELINES.md

2021-03-26 14:04:27 -04:00

README.md

The Bitwarden Server project contains the APIs, database, and other core infrastructure items needed for the "backend" of all bitwarden client applications.

The server project is written in C# using .NET Core with ASP.NET Core. The database is written in T-SQL/SQL Server. The codebase can be developed, built, run, and deployed cross-platform on Windows, macOS, and Linux distributions.

Developer Documentation

Please refer to the Server Setup Guide in the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.

Deploy

You can deploy Bitwarden using Docker containers on Windows, macOS, and Linux distributions. Use the provided PowerShell and Bash scripts to get started quickly. Find all of the Bitwarden images on GitHub Container Registry.

Full documentation for deploying Bitwarden with Docker can be found in our help center at: https://help.bitwarden.com/article/install-on-premise/

Requirements

Docker
Docker Compose (already included with some Docker installations)

These dependencies are free to use.

Linux & macOS

curl -s -L -o bitwarden.sh \
    "https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" \
    && chmod +x bitwarden.sh
./bitwarden.sh install
./bitwarden.sh start

Windows

Invoke-RestMethod -OutFile bitwarden.ps1 `
    -Uri "https://func.bitwarden.com/api/dl/?app=self-host&platform=windows"
.\bitwarden.ps1 -install
.\bitwarden.ps1 -start

Production Container Images

View Current Production Image Hashes (click to expand)

US Production Cluster

Service	Image Hash
Admin
API
Billing
Events
EventsProcessor
Identity
Notifications
SCIM
SSO

EU Production Cluster

Service	Image Hash
Admin
API
Billing
Events
EventsProcessor
Identity
Notifications
SCIM
SSO

We're Hiring!

Interested in contributing in a big way? Consider joining our team! We're hiring for many positions. Please take a look at our Careers page to see what opportunities are currently open as well as what it's like to work at Bitwarden.

Contribute

Code contributions are welcome! Please commit any pull requests against the main branch. Learn more about how to contribute by reading the Contributing Guidelines. Check out the Contributing Documentation for how to get started with your first contribution.

Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the SECURITY.md file. We also run a program on HackerOne.

No grant of any rights in the trademarks, service marks, or logos of Bitwarden is made (except as may be necessary to comply with the notice requirements as applicable), and use of any Bitwarden trademarks must comply with Bitwarden Trademark Guidelines.

Dotnet-format

Consider installing our git pre-commit hook for automatic formatting.

git config --local core.hooksPath .git-hooks

Languages

C# 77.9%

TSQL 16.9%

Handlebars 2.2%

HTML 2%

Shell 0.5%

Other 0.3%