User is still in "pending invitation" state while account is already created #229

Closed
opened 2025-10-09 16:18:29 +03:00 by OVERLORD · 0 comments
Owner

Originally created by @Creepios on GitHub.

Vaultwarden Support String

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.33.0
  • Web-vault version: v2025.1.1
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Database type: MySQL
  • Database version: 11.6.2-MariaDB-ubu2404
  • Environment settings overridden!: false
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: n/a
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: true
  • HTTP Response Checks: false

Config & Details (Generated via diagnostics page)


Failed HTTP Checks:

API calls:
Header: 'x-xss-protection' does not contain '0'
2FA Connector calls:
Header: 'x-xss-protection' does not contain '0'
Header: 'x-frame-options' is present while it should not

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "https://icons.bitwarden.net/",
  "_icon_service_url": "https://icons.bitwarden.net/{}/icon.png",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 120,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 50,
  "database_timeout": 10,
  "database_url": "*****://************************************************************************************",
  "db_connection_retries": 0,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://********************",
  "domain_origin": "*****://********************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": true,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": false,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": true,
  "event_cleanup_schedule": "",
  "events_days_retain": 365,
  "experimental_client_feature_flags": "fido2-vault-credentials,browser-fileless-import,autofill-v2",
  "extended_logging": true,
  "helo_name": "*************************",
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "bitwarden",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Passwort Manager",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/var/log/vaultwarden.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "***********************",
  "org_events_enabled": true,
  "org_groups_enabled": true,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "***********,**************",
  "signups_verify": true,
  "signups_verify_resend_limit": 10,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": true,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "***********************",
  "smtp_from_name": "Passwort Tresor",
  "smtp_host": "*************************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "**************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": 365,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": 20480,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

v1.33.0

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

traefik 3.3.2

Host/Server Operating System

Linux

Operating System Version

Debian 12

Clients

Web Vault

Client Version

every modern browser

Steps To Reproduce

  1. Have an organization to which users are automatically invited. Additionally, let the users be invited through automatic importing by the (official) Bitwarden Directory Connector.
  2. The user will be invited automatically (and receives an email).
  3. The user accepts the invite through the email.
  4. The user creates an account.
  5. The user can access Vaultwarden.

Expected Result

When the user has finished their registration, the admin console (of the web vault) should show that the user has no pending invitation. The Admin Panel (/admin) should show that the user is "Verified" and not "Invited". With this result you can manage the user and allow them to be in an organization.

Actual Result

When the user has finished their registration, the admin console (of the web vault) shows that there is still a pending invitation, while the admin panel (/admin) shows that it is a verified user who has accepted the invitation.
Effectively, you can't manage the user because of the pending state and can't give them access to the organization.

Logs


Screenshots or Videos

Expected Result:
In the admin console (web vault)
Image
Image

In the Admin Panel (/admin)
Image

Actual Result:
In the admin console (web vault)
Image
Image

In the Admin Panel (/admin)
Image

Additional Context

I'm nearly 100% sure that this wasn't the case before v1.33.0 of vaultwarden (before web-vault v2025.1.1).

OVERLORD added the bug label 2025-10-09 16:18:29 +03:00

Reference: starred/vaultwarden#229