A Model Context Protocol (MCP) server that provides AI assistants with secure access to Bitwarden password manager functionality through two complementary interfaces:

• Vault Management and CLI tools via Bitwarden CLI
• Organization Administration via Bitwarden Public API

The Model Context Protocol is an open standard that enables AI assistants to securely interact with local tools and services. This server exposes Bitwarden's vault management and organization administration capabilities to MCP-compatible AI clients like Claude Desktop.

• Session Management: Lock vault, sync with server, check status
• Item Operations: List, retrieve, create, edit, delete, restore vault items
  • Supports logins, secure notes, cards, and identities
  • Advanced filtering by URL, folder, collection, or trash status
• Folder Management: Organize items with folders
• Attachments: Upload, download, and manage file attachments
• Password Tools: Generate secure passwords and retrieve TOTP codes
• Bitwarden Send: Create and manage secure ephemeral shares (text/file)
• Organization Items: Move items to organizations, manage collections
• Device Approval: Approve or deny new device login requests
• Member Management: Confirm organization member registrations

• Collections: Create, update, delete, and manage collection permissions
• Members: Invite, update roles, remove members, manage group assignments
• Groups: Create role-based access groups and assign members
• Policies: Configure and enforce organization security policies
• Audit Logs: Retrieve organization event history
• Subscriptions: View and update organization billing information
• Bulk Import: Import users and groups from external systems

For Vault Management and CLI tools:

• Bitwarden CLI installed (ex. npm install -g @bitwarden/cli)
• Node.js 22+
• Bitwarden account

For Organization Administration:

• Node.js 22+
• Bitwarden Teams or Enterprise organization
• Organization owner or admin permissions

Add to your Claude Desktop configuration file:

• macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "bitwarden": {
      "command": "npx",
      "args": ["-y", "@bitwarden/mcp-server"],
      "env": {
        "BW_SESSION": "your-session-token-here"
      }
    }
  }
}

Get your session token:

bw login
bw unlock --raw

To enable organization administration features, add API credentials:

{
  "mcpServers": {
    "bitwarden": {
      "command": "npx",
      "args": ["-y", "@bitwarden/mcp-server"],
      "env": {
        "BW_SESSION": "your-session-token-here",
        "BW_CLIENT_ID": "organization.your-client-id",
        "BW_CLIENT_SECRET": "your-client-secret"
      }
    }
  }
}

Get organization API credentials:

1. Go to your Bitwarden Web Vault
2. Navigate to your organization → Settings → My Organization
3. Scroll to "API Key" section
4. Click "View API Key" and authenticate

Requires that this repository be checked out locally. Once that's done:

npm install
npm run build

Then reference the built dist/index.js file from Claude desktop:

{
  "mcpServers": {
    "bitwarden": {
      "command": "node",
      "args": ["local/path/to/mcp-server/dist/index.js"],
      "env": {
        "BW_SESSION": "your-session-token-here"
      }
    }
  }
}

Any MCP-compatible client can connect to this server via stdio transport. Refer to your client's documentation for configuration details.

Note: For self-hosted Bitwarden instances, set BW_API_BASE_URL and BW_IDENTITY_URL to your server URLs.

Once configured, you can interact with Bitwarden through your AI assistant:

Vault:

• "List all my login items"
• "Get my credentials for github"
• "Create a new secure note for my home WiFi information"
• "Generate a 32-character password and save it for apple.com"
• "Create a Send link for this file"

Organization Administration:

• "List all members in my organization"
• "Invite [email protected] as an organization admin"
• "Create a 'Development Team' collection"
• "Show me the last 100 audit log events"
• "What security policies are enabled?"

• Session: lock, sync, status
• Retrieval: list, get
• Items: create_item, edit_item, delete, restore
• Folders: create_folder, edit_folder
• Attachments: create_attachment
• Organizations: create_org_collection, edit_org_collection, edit_item_collections, move, confirm
• Device Approval: device_approval_list, device_approval_approve, device_approval_approve_all, device_approval_deny, device_approval_deny_all
• Send: create_text_send, create_file_send, list_send, get_send, edit_send, delete_send, remove_send_password
• Utilities: generate

• Collections: list_org_collections, get_org_collection, update_org_collection, delete_org_collection
• Members: list_org_members, get_org_member, invite_org_member, update_org_member, remove_org_member, reinvite_org_member, get_org_member_groups, update_org_member_groups
• Groups: list_org_groups, get_org_group, create_org_group, update_org_group, delete_org_group, get_org_group_members, update_org_group_members
• Policies: list_org_policies, get_org_policy, update_org_policy
• Events: get_org_events
• Subscriptions: get_org_subscription, update_org_subscription
• Import: import_org_users_and_groups

git clone https://github.com/bitwarden/mcp-server.git
cd mcp-server
npm install

npm run build        # Compile TypeScript
npm test             # Run test suite
npm run lint         # Check code style
npm run lint:fix     # Auto-fix linting issues
npm run inspect      # Test with MCP Inspector

The MCP Inspector provides an interactive testing environment:

npm run build
npm run inspect

This opens a web interface where you can:

• Browse available tools
• Test tool execution with custom inputs
• View request/response payloads
• Debug tool behavior

• Store credentials securely (use system keychains or environment managers)
• Rotate session tokens regularly
• Review audit logs periodically for suspicious activity
• Never commit credentials to version control

The project includes Jest unit tests covering validation, CLI commands, and core functionality.

# Run all tests
npm test

# Run tests in watch mode
npm run test:watch

# Run tests with coverage
npm test -- --coverage

# Run specific test file
npm test validation.spec.ts

# Run tests matching a pattern
npm test -- --testNamePattern="validation"

Enable debug logging by setting environment variables:

export DEBUG=bitwarden:*
export NODE_ENV=development

• Never commit sensitive credentials (BW_SESSION, BW_CLIENT_ID, BW_CLIENT_SECRET)
• Use environment variables for all sensitive configuration
• Validate all inputs using Zod schemas (already implemented)
• Test with non-production data when possible
• Monitor API usage through your organization's audit logs
• Understand the security and privacy impacts of exposing sensitive vault data to LLM and AI tools. Using a self-hosted or local LLM may be appropriate, for example.

• Vault is locked

  bw unlock --raw
  # Copy the token and update BW_SESSION in your MCP config

• Session key is invalid

  • Session tokens expire after inactivity
  • Run bw unlock --raw to get a fresh token
  • Update your MCP configuration with the new token

• Invalid client credentials

  • Verify BW_CLIENT_ID starts with organization.
  • Ensure BW_CLIENT_SECRET is correct
  • Check that API keys haven't been rotated in the Admin Console

• 403 Forbidden

  • Verify you have organization owner or admin permissions
  • Some operations require specific roles (e.g., managing members)

We welcome contributions! Please see CONTRIBUTING.md for guidelines.