Feature Request: User-based Permissions for “Send” Feature #1926

New Issue

OVERLORD · 2026-02-05T02:14:54+03:00

OVERLORD commented

2026-02-05 02:14:54 +03:00

Originally created by @Kapple14 on GitHub (Jun 2, 2024).

Feature Request: User-based Permissions for “Send” Feature

Currently, enabling and disabling the “Send” feature is a binary option that applies to all users. For safety and security reasons, it would be beneficial to have user-based permissions for the “Send” feature. This would allow administrators to specify which users are allowed to use the “Send” feature. I’d be willing to sponsor this feature to get it done faster.

Benefits

Enhanced security by limiting the use of the “Send” feature to specific users.
Increased control for administrators over feature usage.
Improved compliance with organizational policies and security protocols.

Suggested Integration Plan:

Introduce user-based permissions for the “Send” feature, allowing administrators to control which users can access and utilize this functionality from the admin panel.

Add user-based “Send” feature permissions
- Implement functionality to assign “Send” feature permissions to individual users.
- Test API security
Add an updated user-based “Send” feature to the admin panel
- Update the admin panel to include controls for managing user-based “Send” feature permissions.
- Provide clear documentation and user interface for administrators to easily enable or disable the “Send” feature on a per-user basis.
Add detailed error messaging for the audit logs.
- For example: Instead of having only the status code (404 not found) we should have more granularity for what the error is (404 not found: description of error + potential solution)

Originally created by @Kapple14 on GitHub (Jun 2, 2024). # Feature Request: User-based Permissions for “Send” Feature Currently, enabling and disabling the “Send” feature is a binary option that applies to all users. For safety and security reasons, it would be beneficial to have user-based permissions for the “Send” feature. This would allow administrators to specify which users are allowed to use the “Send” feature. I’d be willing to sponsor this feature to get it done faster. ## Benefits - Enhanced security by limiting the use of the “Send” feature to specific users. - Increased control for administrators over feature usage. - Improved compliance with organizational policies and security protocols. ## Suggested Integration Plan: Introduce user-based permissions for the “Send” feature, allowing administrators to control which users can access and utilize this functionality from the admin panel. 1. [ ] Add user-based “Send” feature permissions - Implement functionality to assign “Send” feature permissions to individual users. - Test API security 2. [ ] Add an updated user-based “Send” feature to the admin panel - Update the admin panel to include controls for managing user-based “Send” feature permissions. - Provide clear documentation and user interface for administrators to easily enable or disable the “Send” feature on a per-user basis. 3. [ ] Add detailed error messaging for the audit logs. - ![Vaultwarden_current_audit_logs](https://github.com/dani-garcia/vaultwarden/assets/92126744/10abe806-1a49-47d6-8bc4-cf1cae04736e) - For example: Instead of having only the status code (404 not found) we should have more granularity for what the error is (404 not found: description of error + potential solution)

OVERLORD closed this issue

2026-02-05 02:14:56 +03:00

OVERLORD commented

2026-02-05 02:14:59 +03:00

@rahizzle commented on GitHub (Jun 6, 2024):

Discussed in private chat, not part of Vault Warden roadmap

@rahizzle commented on GitHub (Jun 6, 2024): Discussed in private chat, not part of Vault Warden roadmap

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1926