[BUG] WebVault 2024.6.2 Duplicate orga password to own vault #973

New Issue

MrUnknownDE · 2026-04-06T01:27:02+02:00

MrUnknownDE commented

2026-04-06 01:27:02 +02:00

Originally created by @kaleb233 on 8/22/2024

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.32.0
Web-vault version: v2024.6.2b
OS/Arch: linux/x86_64
Running within a container: true (Base: Debian)
Environment settings overridden: false
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: SQLite
Database version: 3.46.0
Clients used:
Reverse proxy and version:
Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "cid:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://******************************",
  "domain_origin": "*****://**********",
  "domain_path": "********************",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 31536000,
  "icon_cache_ttl": 31536000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Thws",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/log/vaultwarden.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 20,
  "login_ratelimit_seconds": 120,
  "org_attachment_limit": 102400,
  "org_creation_users": "",
  "org_events_enabled": true,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 1000000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": false,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "*******",
  "signups_verify": true,
  "signups_verify_resend_limit": 5,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "Login",
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*******************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "***************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "***********",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": 204800,
  "user_send_limit": 102400,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": "102317",
  "yubico_secret_key": "***",
  "yubico_server": null
}

Steps To Reproduce

See Video

Expected Result

Should Copy the cipher entry

Actual Result

Error: The client has not provided an organisationId

Screenshots or Videos

https://github.com/user-attachments/assets/9a1f03c6-ef9b-4c24-a67b-4fcbd1e1795d

https://github.com/user-attachments/assets/04c2610e-c78c-4dd1-9ad6-c61ddf8d249b

Logs

[2024-08-22 17:47:34.849][request][INFO] POST /..../api/ciphers/create
[2024-08-22 17:47:34.850][vaultwarden::api::core::ciphers][ERROR] The client has not provided an organization id!
[2024-08-22 17:47:34.850][response][INFO] (post_ciphers_create) POST /..../api/ciphers/create => 400 Bad Request

Its not hosted in the base folder.

Additional Context

Hello everyone,

We were testing how to get a password from an organization back into your own Vault or into another organization. We noticed that duplicating the password back into your own vault does not work. To reproduce see the video, there you can also see the strange behavior when you want to duplicate to another organization that he does not find the collections and then duplicating to your own vault works. The difference between the first Post(create) and the Post(create) is only that in the json then the CollectionsIds has no entry and it therefore works to copy into your own vault into another organization will then most likely not work, but that was not our UseCase.

For us it is only a small bug and can possibly be solved easily depending on what information is available in the context of the modal.

test@test.de has been masked by me in the HTML code.

Host/Server Operating System

Linux

Operating System Version

Ubuntu 24.04

Deployment method

Official Container Image

Custom deployment method

Docker with nginx proxy in front of the vaultwarden
not in the base folder hosted

Vaultwarden Build Version

v1.32.0

Clients

Web Vault

Client Version

2024.6.2

*Originally created by @kaleb233 on 8/22/2024* ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.32.0 * Web-vault version: v2024.6.2b * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Environment settings overridden: false * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.46.0 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "cid:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://******************************", "domain_origin": "*****://**********", "domain_path": "********************", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "fido2-vault-credentials", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 31536000, "icon_cache_ttl": 31536000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Thws", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": "/log/vaultwarden.log", "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 20, "login_ratelimit_seconds": 120, "org_attachment_limit": 102400, "org_creation_users": "", "org_events_enabled": true, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 1000000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": false, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "*******", "signups_verify": true, "signups_verify_resend_limit": 5, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": "Login", "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*******************", "smtp_from_name": "Vaultwarden", "smtp_host": "***************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "***********", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": 204800, "user_send_limit": 102400, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": "102317", "yubico_secret_key": "***", "yubico_server": null } ``` </details> ### Steps To Reproduce See Video ### Expected Result Should Copy the cipher entry ### Actual Result Error: The client has not provided an organisationId ### Screenshots or Videos https://github.com/user-attachments/assets/9a1f03c6-ef9b-4c24-a67b-4fcbd1e1795d https://github.com/user-attachments/assets/04c2610e-c78c-4dd1-9ad6-c61ddf8d249b ### Logs ```text [2024-08-22 17:47:34.849][request][INFO] POST /..../api/ciphers/create [2024-08-22 17:47:34.850][vaultwarden::api::core::ciphers][ERROR] The client has not provided an organization id! [2024-08-22 17:47:34.850][response][INFO] (post_ciphers_create) POST /..../api/ciphers/create => 400 Bad Request Its not hosted in the base folder. ``` ### Additional Context Hello everyone, We were testing how to get a password from an organization back into your own Vault or into another organization. We noticed that duplicating the password back into your own vault does not work. To reproduce see the video, there you can also see the strange behavior when you want to duplicate to another organization that he does not find the collections and then duplicating to your own vault works. The difference between the first Post(create) and the Post(create) is only that in the json then the CollectionsIds has no entry and it therefore works to copy into your own vault into another organization will then most likely not work, but that was not our UseCase. For us it is only a small bug and can possibly be solved easily depending on what information is available in the context of the modal. test@test.de has been masked by me in the HTML code. ### Host/Server Operating System Linux ### Operating System Version Ubuntu 24.04 ### Deployment method Official Container Image ### Custom deployment method Docker with nginx proxy in front of the vaultwarden not in the base folder hosted ### Vaultwarden Build Version v1.32.0 ### Clients Web Vault ### Client Version 2024.6.2

MrUnknownDE closed this issue

2026-04-06 01:27:02 +02:00

Sign in to join this conversation.

No Label bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#973