Manager user cannot manage users or collections #1196

Closed
opened 2026-02-05 00:15:59 +03:00 by OVERLORD · 1 comment

Originally created by @ghost on GitHub (Jan 17, 2022).

Subject of the issue

User with "manager" role cannot manage the users and collections of one organization.

The manager user can see the manage tab of the organization, but as soon as they click on it, they get an error and are logged out.

Deployment environment

  • vaultwarden version: 1.23.1
  • Install method: docker
  • Clients used: web vault
  • Reverse proxy and version: nginx 1.20.2
  • MySQL/MariaDB or PostgreSQL version: (internal SQLite database)
  • Other relevant details:

Steps to reproduce

Use a "manager" user and click on the "manage" tab of the organization to edit users and collections.

Expected behaviour

Manager user should be able to edit users and collections.

Actual behaviour

As soon as you click, you are logged out.

Troubleshooting data

Logged out as soon as you click on the "manage" tab:
[Screenshot: Captura de pantalla de 2022-01-17 12-25-48]

Some logs:

```
[2022-01-17 12:25:38.696][vaultwarden::api::identity][INFO] User xxxxx@yyy.zzz logged in successfully. IP: X.X.X.X
[2022-01-17 12:25:38.696][response][INFO] POST /identity/connect/token (login) => 200 OK
[2022-01-17 12:25:38.733][parity_ws::io][INFO] Accepted a new tcp connection from 172.18.0.2:45014.
[2022-01-17 12:25:38.763][request][INFO] POST /identity/connect/token
[2022-01-17 12:25:38.766][response][INFO] POST /identity/connect/token (login) => 200 OK
[2022-01-17 12:25:38.800][request][INFO] GET /api/sync?excludeDomains=true
[2022-01-17 12:25:38.817][response][INFO] GET /api/sync?<data..> (sync) => 200 OK
[2022-01-17 12:25:39.512][response][INFO] GET /icons/<domain>/icon.png (icon) => 200 OK
[2022-01-17 12:25:39.512][response][INFO] GET /icons/<domain>/icon.png (icon) => 200 OK
[2022-01-17 12:25:47.330][request][INFO] GET /api/collections
[2022-01-17 12:25:47.330][response][INFO] GET /api/collections (get_user_collections) => 200 OK
[2022-01-17 12:25:47.345][request][INFO] GET /api/organizations/b9cdfd6b-a86a-44bd-abb0-3c8279357127/collections
[2022-01-17 12:25:47.346][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint
[2022-01-17 12:25:47.346][response][INFO] GET /api/organizations/<org_id>/collections (get_org_collections) => 401 Unauthorized
```
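
A log triage sketch for the excerpt above, added here as an example and not part of the original report or of vaultwarden's code: it pairs each `[auth][ERROR]` line with the `[response]` line that follows and lists which handlers were denied and why. The sample lines are copied from the report; the function names, and the assumption that a guard error directly precedes its response line, belong to this example.

```python
import re
from collections import Counter

# Sample input: the last five lines of the log excerpt in the report.
SAMPLE_LOG = """\
[2022-01-17 12:25:47.330][request][INFO] GET /api/collections
[2022-01-17 12:25:47.330][response][INFO] GET /api/collections (get_user_collections) => 200 OK
[2022-01-17 12:25:47.345][request][INFO] GET /api/organizations/b9cdfd6b-a86a-44bd-abb0-3c8279357127/collections
[2022-01-17 12:25:47.346][auth][ERROR] Unauthorized Error: You need to be Admin or Owner to call this endpoint
[2022-01-17 12:25:47.346][response][INFO] GET /api/organizations/<org_id>/collections (get_org_collections) => 401 Unauthorized
"""

# [timestamp][target][LEVEL] message
LINE = re.compile(r"^\[(?P<ts>[^\]]+)\]\[(?P<target>[^\]]+)\]\[(?P<level>[A-Z]+)\] (?P<msg>.*)$")
# METHOD /path (handler) => 401 Unauthorized
RESPONSE = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+) \((?P<handler>\w+)\) => (?P<status>\d{3}) ")


def guard_denials(log_text):
    """Return one record per 401/403 response that follows an [auth][ERROR] line."""
    denials, pending = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that are not in the bracketed format
        if m["target"] == "auth" and m["level"] == "ERROR":
            pending = m["msg"]  # remember the guard's reason
        elif m["target"] == "response":
            r = RESPONSE.match(m["msg"])
            if r and pending and r["status"] in ("401", "403"):
                denials.append({"ts": m["ts"], "method": r["method"],
                                "path": r["path"], "handler": r["handler"],
                                "status": int(r["status"]), "reason": pending})
            pending = None  # assumption: the reason belongs to the next response only
    return denials


def denials_by_handler(log_text):
    """Count denials per handler, to spot an endpoint that rejects a whole role."""
    return Counter(d["handler"] for d in guard_denials(log_text))


if __name__ == "__main__":
    for d in guard_denials(SAMPLE_LOG):
        print(f'{d["ts"]} {d["status"]} {d["handler"]} {d["path"]}: {d["reason"]}')
```
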

@BlackDex commented on GitHub (Jan 17, 2022):

Please please search before you post an issue!

Duplicate of #2151 and #2227 and #2233
And already fixed in #2169

Use the `testing` tagged image for this fix.

Reference: starred/vaultwarden#1196