Opening an invitation link from Office365 webmail gives you a wrong URL leading to a 404 Not Found on account creation #2184

Closed
opened 2026-04-06 03:10:40 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @Minaru on 3/18/2022

Subject of the issue

When inviting a user to join a vaultwarden instance, if said user clicks the join link from the Office365 webmail browser client, the user is directed to a bad URL which leads them to a 404 not found message when attempting to validate their account creation.

Said user can however log in to a web client application (i.e. Outlook), open the same mail, click on the join link in the vaultwarden invitation email, and get a proper URL which leads them to a successful account creation when attempting to validate.

Deployment environment

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.24.0
  • Web-vault version: v2.25.1
  • Running within Docker: true (Base: Debian)
  • Environment settings overridden: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.35.4
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: ADMIN_TOKEN

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": false,
  "_ip_header_enabled": true,
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://**************.****.*****.**",
  "domain_origin": "*****://**************.****.*****.**",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 5 * * * *",
  "emergency_request_timeout_schedule": "0 5 * * * *",
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": true,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": true,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "nothing",
  "smtp_debug": false,
  "smtp_explicit_tls": false,
  "smtp_from": "**@*****.**",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "****.*****.**",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_ssl": false,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
  • vaultwarden version: 1.24.0

  • Install method: Docker (Base: Debian 10)

  • Clients used: Web Vault

  • Reverse proxy and version: Nginx 1.14.2

  • Other relevant details: N/A

Steps to reproduce

Log in to the Admin panel and go to the Users tab.

Invite a new User.

Said user receives an invitation email to join the vaultwarden instance.

User clicks on the link in their email.

When prompted to "Log in" or "Create account", they "Create account" since they do not have an account yet (1)

User fills in their name and master password + confirmation.

User clicks Submit.

Expected behaviour

User gets redirected to log in screen with a notification that says their account is created

Actual behaviour

User gets a 404 not found notification

Troubleshooting data

WEBCLIENT CASE

When opening link from webclient, user gets this link:

https://<host>/?organizationId=_&organizationUserId=_&email=<first_name>%2E<last_name>%40<domain>%2E<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw#/accept-organization?organizationId=_&organizationUserId=_&email=<first_name>.<last_name>@<domain>.<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw

When they click "Create Account" from this link, they get to this link:

https://<host>/?organizationId=_&organizationUserId=_&email=<first_name>%2E<last_name>%40<domain>%2E<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw#/register?email=<first_name>.<last_name>@<domain>.<country_tld>

APPCLIENT (Outlook) CASE

When opening link from Outlook, user gets this link:

https://<host>/#/accept-organization?organizationId=_&organizationUserId=_&email=<first_name>.<last_name>@<domain>.<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw

When they click "Create Account" from this link, they get to this link:

https://<host>/#/register?email=<first_name>.<last_name>@<domain>.<country_tld>

POTENTIAL ISSUE IDENTIFIED ?

From what I can see, when I click on the "Join" button from webclient, I get a malformed URL which inserts

?organizationId=_&organizationUserId=_&email=<first_name>%2E<last_name>%40<domain>%2E<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw

in between https://<host>/ and

#/accept-organization?organizationId=_&organizationUserId=_&email=<first_name>.<last_name>@<domain>.<country_tld>&organizationName=Vaultwarden&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJuYmYiOjE2NDc2MjY0NzYsImV4cCI6MTY0ODA1ODQ3NiwiaXNzIjoiaHR0cHM6Ly92YXVsdHdhcmRlbi1yZC5wcml2LnNld2FuLmZyfGludml0ZSIsInN1YiI6IjMwYWJhMzE1LTRjZTQtNDJhYy1hYzY2LThmODE3OTg2M2VjMiIsImVtYWlsIjoibWF4aW1lLmRlbW9kZUBzZXdhbi5mciIsIm9yZ19pZCI6bnVsbCwidXNlcl9vcmdfaWQiOm51bGwsImludml0ZWRfYnlfZW1haWwiOm51bGx9.eo_F4iV5LkI8NTJXxINm7ZbXnSkQ-hqY-SwU0ZyPXHUUMCZwXYA2po9g-WsmcuKkOGTx7tlm8dIbhTyzF3QHXBFRM3_q4NgUNuJi8ModyztYq_oibqBCo0UXuQALAWsyjZpcU9jjALuUdov3C_AW-ZG15ul4qmFlqMnhtJMyywKvrXbNtKAPJBURBTMWuRms835EOUp_-QyzlHNkenYoQbzCF2jmE_-lMHBB6qyyt2y-D5VnrevWtF_XrrceuGLCiNLPjLLUf-tHXM12klgfMuKM5ftgv2OMdrtIzugn-_v7HorP39aZpf6FSQJEPeBV8kb5iW93AXlAzigWbrICjw

The inserted part from the webclient URL is the issue, since it seems like if you concatenate the host part and the part starting with #/ you pretty much get the proper URL that Outlook gives you.
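
The comparison the post makes between the two links, as an added example that is not part of the original issue or of Vaultwarden: it splits an invitation URL into its query string and its `#/` route, reports whether the query only repeats the route's parameters (the webmail case) and whether the token sits in the query, which, unlike the fragment, is sent to the server. Host, e-mail address and token are constructed placeholders, and the function names are hypothetical.

```javascript
// Added example, not Vaultwarden code. Host, address and token are
// constructed placeholders shaped like the links quoted in the issue.
const PARAMS = "organizationId=_&organizationUserId=_&email=jane.doe@example.test" +
  "&organizationName=Vaultwarden&token=HEADER.PAYLOAD.SIGNATURE";
const ENCODED = "organizationId=_&organizationUserId=_&email=jane%2Edoe%40example%2Etest" +
  "&organizationName=Vaultwarden&token=HEADER.PAYLOAD.SIGNATURE";
const HOST = "https://vault.example.test/";

const OUTLOOK_LINK = `${HOST}#/accept-organization?${PARAMS}`;
const WEBMAIL_LINK = `${HOST}?${ENCODED}#/accept-organization?${PARAMS}`;
const WEBMAIL_REGISTER = `${HOST}?${ENCODED}#/register?email=jane.doe@example.test`;

// Split "#/route?k=v" into the client-side route and its parameters.
function splitHashRoute(hash) {
  const body = hash.replace(/^#/, "");
  const q = body.indexOf("?");
  return {
    route: q === -1 ? body : body.slice(0, q),
    params: new URLSearchParams(q === -1 ? "" : body.slice(q + 1)),
  };
}

function analyzeInviteUrl(raw) {
  const url = new URL(raw);
  const { route, params } = splitHashRoute(url.hash);
  const queryKeys = [...new Set(url.searchParams.keys())];
  // The query is redundant when every key it carries is repeated, with the
  // same decoded value, inside the fragment route.
  const redundantQuery = queryKeys.length > 0 &&
    queryKeys.every((k) => params.get(k) === url.searchParams.get(k));
  // Anything in the query reaches the server; the fragment does not.
  const tokenInQuery = url.searchParams.has("token");
  if (redundantQuery) {
    url.search = ""; // lossless: the fragment still carries every parameter
  }
  return { route, redundantQuery, tokenInQuery, canonical: url.href };
}

for (const link of [OUTLOOK_LINK, WEBMAIL_LINK, WEBMAIL_REGISTER]) {
  const { route, redundantQuery, tokenInQuery } = analyzeInviteUrl(link);
  console.log(route, { redundantQuery, tokenInQuery });
}
```

On the `#/register` link the query is no longer redundant, because the route has dropped the parameters while the query still carries them, so the function reports it and leaves the URL unchanged.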

Reference: github/vaultwarden#2184