Error enabling “Apply organization data ownership” policy — API 404 + JS TypeError #99

New Issue

MrUnknownDE · 2026-04-05T20:30:12+02:00

MrUnknownDE commented

2026-04-05 20:30:12 +02:00

Originally created by @allanfrizzo on 2/21/2026

Prerequisites

I have searched the existing Closed AND Open Issues AND Discussions
I have searched and read the documentation

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.35.3
Web-vault version: v2026.1.1
OS/Arch: linux/x86_64
Running within a container: true (Base: Debian)
Database type: PostgreSQL
Database version: PostgreSQL 16.11 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0 20240719 (Red Hat 11.5.0-11), 64-bit
Uses config.json: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
TZ environment: America/Sao_Paulo
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Websocket Check: true
HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SIGNUPS_ALLOWED, ORG_CREATION_USERS, INVITATIONS_ALLOWED, ADMIN_TOKEN, SSO_ENABLED, SSO_ONLY, SSO_SIGNUPS_MATCH_EMAIL, SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION, SSO_CLIENT_ID, SSO_CLIENT_SECRET, SSO_AUTHORITY, SSO_SCOPES, SSO_PKCE, SSO_DEBUG_TOKENS, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, SMTP_USERNAME, SMTP_PASSWORD

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_idle_timeout": 600,
  "database_max_conns": 10,
  "database_min_conns": 2,
  "database_timeout": 30,
  "database_url": "**********://*****************************************************************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "dns_prefer_ipv6": false,
  "domain": "*****://************************",
  "domain_origin": "*****://************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": false,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Hofund Eaí",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "debug",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "****************,************************",
  "org_events_enabled": true,
  "org_groups_enabled": true,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "purge_incomplete_sso_auth": "0 20 0 * * *",
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "**********",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*******************",
  "smtp_from_name": "**********",
  "smtp_host": "****************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "**********************",
  "sso_allow_unknown_email_verification": true,
  "sso_audience_trusted": null,
  "sso_auth_only_not_session": false,
  "sso_authority": "*****://*******************************************************************",
  "sso_authorize_extra_params": "",
  "sso_callback_path": "*****://*****************************************************",
  "sso_client_cache_expiration": 0,
  "sso_client_id": "************************************",
  "sso_client_secret": "***",
  "sso_debug_tokens": false,
  "sso_enabled": true,
  "sso_master_password_policy": null,
  "sso_only": true,
  "sso_pkce": true,
  "sso_scopes": "openid profile email offline_access",
  "sso_signups_match_email": true,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": 180,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

1.35.3

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

Caddy 2.1

Host/Server Operating System

Linux

Operating System Version

RockyLinux 9.7

Clients

Web Vault

Client Version

No response

Steps To Reproduce

Environment (Diagnostics)
• Vaultwarden version: v1.35.3
• Web-vault version: v2026.1.1
• OS/Arch: linux/x86_64
• Container: Yes (Debian base)
• Database: PostgreSQL 16.11
• Uses config.json: Yes
• Reverse proxy: Yes
• IP header check: Enabled (X-Real-IP)
• Internet access: Yes
• DNS check: OK
• Timezone: America/Sao_Paulo
• Browser/Server time sync: OK
• NTP sync: OK
• Domain config: OK
• HTTPS: OK
• Websocket: OK
• HTTP response checks: OK

⸻

Description

When attempting to enable the policy “Apply organization data ownership”, the operation fails and the policy is not saved. The UI reports an error and browser console logs show both an API failure and a frontend exception.

⸻

Steps to Reproduce
1. Log in as organization admin
2. Go to Organization → Policies
3. Enable Apply organization data ownership
4. Click Save

⸻

Expected Behavior

Policy should be saved successfully and applied.

⸻

Actual Behavior

Policy save fails and is not applied.

⸻

Console Errors

PUT /api/organizations/{orgId}/policies/5/vnext 404 (Not Found)

Async submit exception:
TypeError: Cannot read properties of undefined (reading 'split')

bootstrap-autofill-overlay.js:
Uncaught (in promise) Error: Extension context invalidated

⸻

Observations
• API returns 404 for endpoint /policies/5/vnext
• Frontend appears to expect a response body but receives undefined
• The error strongly suggests a frontend/server API version mismatch
• Extension overlay error may be unrelated but included for completeness

⸻

Suspected Cause

Web vault version (v2026.1.1) appears to call a newer API route not implemented in Vaultwarden v1.35.3.

⸻

Impact

Unable to enable organization data ownership policy, blocking enforcement of organization-level data ownership and governance controls.

⸻

Workarounds Attempted
• Different browsers
• Incognito mode
• Disabled extensions
• Same result

⸻

Additional Notes

I can provide API traces or server logs if needed for debugging.

Expected Result

.

Actual Result

.

Logs

Screenshots or Videos

No response

Additional Context

No response

*Originally created by @allanfrizzo on 2/21/2026* ### Prerequisites - [x] I have searched the existing **Closed _AND_ Open** [Issues](https://github.com/dani-garcia/vaultwarden/issues?q=is%3Aissue%20) **_AND_** [Discussions](https://github.com/dani-garcia/vaultwarden/discussions?discussions_q=) - [x] I have searched and read the [documentation](https://github.com/dani-garcia/vaultwarden/wiki/) ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.35.3 * Web-vault version: v2026.1.1 * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Database type: PostgreSQL * Database version: PostgreSQL 16.11 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0 20240719 (Red Hat 11.5.0-11), 64-bit * Uses config.json: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * TZ environment: America/Sao_Paulo * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** DOMAIN, SIGNUPS_ALLOWED, ORG_CREATION_USERS, INVITATIONS_ALLOWED, ADMIN_TOKEN, SSO_ENABLED, SSO_ONLY, SSO_SIGNUPS_MATCH_EMAIL, SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION, SSO_CLIENT_ID, SSO_CLIENT_SECRET, SSO_AUTHORITY, SSO_SCOPES, SSO_PKCE, SSO_DEBUG_TOKENS, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, SMTP_USERNAME, SMTP_PASSWORD **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_idle_timeout": 600, "database_max_conns": 10, "database_min_conns": 2, "database_timeout": 30, "database_url": "**********://*****************************************************************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "dns_prefer_ipv6": false, "domain": "*****://************************", "domain_origin": "*****://************************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": false, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Hofund Eaí", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "debug", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "****************,************************", "org_events_enabled": true, "org_groups_enabled": true, "password_hints_allowed": true, "password_iterations": 600000, "purge_incomplete_sso_auth": "0 20 0 * * *", "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "**********", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*******************", "smtp_from_name": "**********", "smtp_host": "****************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "**********************", "sso_allow_unknown_email_verification": true, "sso_audience_trusted": null, "sso_auth_only_not_session": false, "sso_authority": "*****://*******************************************************************", "sso_authorize_extra_params": "", "sso_callback_path": "*****://*****************************************************", "sso_client_cache_expiration": 0, "sso_client_id": "************************************", "sso_client_secret": "***", "sso_debug_tokens": false, "sso_enabled": true, "sso_master_password_policy": null, "sso_only": true, "sso_pkce": true, "sso_scopes": "openid profile email offline_access", "sso_signups_match_email": true, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": 180, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.35.3 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy Caddy 2.1 ### Host/Server Operating System Linux ### Operating System Version RockyLinux 9.7 ### Clients Web Vault ### Client Version _No response_ ### Steps To Reproduce Environment (Diagnostics) • Vaultwarden version: v1.35.3 • Web-vault version: v2026.1.1 • OS/Arch: linux/x86_64 • Container: Yes (Debian base) • Database: PostgreSQL 16.11 • Uses config.json: Yes • Reverse proxy: Yes • IP header check: Enabled (X-Real-IP) • Internet access: Yes • DNS check: OK • Timezone: America/Sao_Paulo • Browser/Server time sync: OK • NTP sync: OK • Domain config: OK • HTTPS: OK • Websocket: OK • HTTP response checks: OK ⸻ Description When attempting to enable the policy “Apply organization data ownership”, the operation fails and the policy is not saved. The UI reports an error and browser console logs show both an API failure and a frontend exception. ⸻ Steps to Reproduce 1. Log in as organization admin 2. Go to Organization → Policies 3. Enable Apply organization data ownership 4. Click Save ⸻ Expected Behavior Policy should be saved successfully and applied. ⸻ Actual Behavior Policy save fails and is not applied. ⸻ Console Errors PUT /api/organizations/{orgId}/policies/5/vnext 404 (Not Found) Async submit exception: TypeError: Cannot read properties of undefined (reading 'split') bootstrap-autofill-overlay.js: Uncaught (in promise) Error: Extension context invalidated ⸻ Observations • API returns 404 for endpoint /policies/5/vnext • Frontend appears to expect a response body but receives undefined • The error strongly suggests a frontend/server API version mismatch • Extension overlay error may be unrelated but included for completeness ⸻ Suspected Cause Web vault version (v2026.1.1) appears to call a newer API route not implemented in Vaultwarden v1.35.3. ⸻ Impact Unable to enable organization data ownership policy, blocking enforcement of organization-level data ownership and governance controls. ⸻ Workarounds Attempted • Different browsers • Incognito mode • Disabled extensions • Same result ⸻ Additional Notes I can provide API traces or server logs if needed for debugging. ### Expected Result . ### Actual Result . ### Logs ```text ``` ### Screenshots or Videos _No response_ ### Additional Context _No response_

MrUnknownDE closed this issue

2026-04-05 20:30:12 +02:00

MrUnknownDE added the bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug labels 2026-04-05 20:30:15 +02:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#99