-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Enabling U2F (and FIDO2 WebAuthn) authentication
Randall Mason edited this page Feb 22, 2022
·
1 revision
To enable U2F and FIDO2 WebAuthn authentication, you must be serving vaultwarden from an HTTPS domain with a valid certificate (Either using the included HTTPS options or with a reverse proxy). We recommend using a free certificate from Let's Encrypt.
After that, you need to set the DOMAIN environment variable to the same address from where vaultwarden is being served:
docker run -d --name vaultwarden \
-e DOMAIN=https://vw.domain.tld \
-v /vw-data/:/data/ \
-p 80:80 \
vaultwarden/server:latestNote that the value has to include the https:// and it may include a port at the end (in the format of https://vw.domain.tld:port) when not using 443.
- Which container image to use
- Starting a container
- Updating the vaultwarden image
- Using Docker Compose
- Using Podman
- Building your own docker image
- Building binary
- Pre-built binaries
- Third-party packages
- Deployment examples
- Proxy examples
- Logrotate example
- Overview
- Disable registration of new users
- Disable invitations
- Enabling admin page
- Disable the admin token
- Enabling WebSocket notifications
- Enabling Mobile Client push notification
- Enabling U2F and FIDO2 WebAuthn authentication
- Enabling YubiKey OTP authentication
- Changing persistent data location
- Changing the API request size limit
- Changing the number of workers
- SMTP configuration
- Translating the email templates
- Password hint display
- Disabling or overriding the Vault interface hosting
- Logging
- Creating a systemd service
- Syncing users from LDAP
- Using an alternate base dir (subdir/subpath)
- Other configuration