The idea is:
Can we please have an updated version of the Bitwarden node to include Vault Management actions? This will alllow us to store and retrieve passwords in BitWarden which will greatly extend the ability for n8n to store credentials securely for workflows that can not utilize the in-built credential mechanism. See https://bitwarden.com/help/vault-management-api/ for details.
My use case:
We have a couple of workflows that can’t utilize the built-in n8n credential options for various reasons - it would be ideal if we could fetch credentials from BitWarden (likewise it would be amazing if we could set workflows to auto create new credentials as well!)
I think it would be beneficial to add this because:
- Secure and flexible password management in use cases where the n8n credential store isn’t equipped to handle it
- Automation of password flows e.g. auto add password when creating a new user
Any resources to support this?
Are you willing to work on this?
I’m not good with NodeJS but I’m willing to guide and test if necessary
Adding to this request: it looks like Bitwarden credential is missing from the list of credentials under Predefined credential type - can we please get that fixed as well?
It looks like the authentication for Bitwarden was not moved to the credential file yet so it isn’t appearing. I have made an internal ticket for that part of this request as it would provide a workaround for you and would be quicker to implement.
Thanks @Jon - in the mean time, I am trying to work around it using a generic Oauth2 credential. Unfortunately, all my calls to the Bitwarden API are rejected without any error code. So I’m unsure what the issue is (running n8n 0.210.1)
I figured out the issue (at least I think I did) - I believe it is because there is currently no option in the Oauth2 credentials to send the body as url-encoded form data. @Jon would it be possible for you to add a change request for this enhancement as well? I think it is important to have that option in the generic oauth2 credential.
Case in point, I can request a token right now using the http node but it’s not ideal obviously to have credentials exposed in plaintext.
I shall add an option for it now, Does using the normal API work ok in the HTTP Request node?
Thanks Jon, yes I am able to retrieve a token if I enter the oauth2 parameters into the body of an http node and set the format to url encoded. It just means the credentials are exposed so not a good production option
That makes sense now, I was looking at the node trying to work out why we don’t use the OAuth2 option, Not having the x-www-form-urlencoded option might be why it is a bit different so by adding this as an option we could also make the node a bit better and that would also show the credentials as an option for the HTTP Request node.
I hate to ask @Jon but is there a rough ETA on when either of these two options might be added? Reason is this is a high priority item for us and we are looking at whether we need to use an alternative method e.g. the Bitwarden CLI (I’ve upgraded to 0.211.2 but I still don’t see the BW credential in the list).
Not to pester I just don’t want to wait 6 months or a year if that ends up being the case
I was hoping to get it done last week but it was a busy week on the support side so I have placed it in the queue for prioritisation so it could be a week or it could be longer.
For now if using the cli is an option I would use that and once we have added in that credential change I will let you know.
Thank you for the update Jon, much appreciated.
Hi there! Checking in once more. Any chance we will see the Bitwarden credential added to the list of credentials soon? That would solve the immediate issue. Happy to contribute if you can show me where it needs to be updated. If it’s relatively simple, I will submit a PR
At the moment other things have moved up the priority list, But if you wanted to give it a bash the authentication needs to be moved from the generic functions file to the credentials file which sounds easy enough but from when I took a quick look there was some work needed to generate a token as well.