-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Enabling U2F (and FIDO2 WebAuthn) authentication
Randall Mason edited this page Feb 22, 2022
·
1 revision
To enable U2F and FIDO2 WebAuthn authentication, you must be serving vaultwarden from an HTTPS domain with a valid certificate (Either using the included HTTPS options or with a reverse proxy). We recommend using a free certificate from Let's Encrypt.
After that, you need to set the DOMAIN environment variable to the same address from where vaultwarden is being served:
docker run -d --name vaultwarden \
-e DOMAIN=https://vw.domain.tld \
-v /vw-data/:/data/ \
-p 80:80 \
vaultwarden/server:latestNote that the value has to include the https:// and it may include a port at the end (in the format of https://vw.domain.tld:port) when not using 443.
- Which container image to use
- Starting a container
- Using Docker Compose
- Using Podman
- Updating the vaultwarden image
- Overview
- Enabling admin page
- SMTP configuration
- Disable registration of new users
- Disable invitations
- Enabling WebSocket notifications
- Enabling Mobile Client push notification
- Enabling SSO support using OpenId Connect
- Other configuration
- Using the MariaDB (MySQL) Backend
- Using the PostgreSQL Backend
- Running without WAL enabled
- Migrating from MariaDB (MySQL) to SQLite
- Hardening Guide
- Password hint display
- Enabling U2F and FIDO2 WebAuthn authentication
- Enabling YubiKey OTP authentication
- Fail2Ban Setup
- Fail2Ban + ModSecurity + Traefik + Docker
- Translating the email templates
- Translating admin page
- Customize Vaultwarden CSS
- Using custom website icons
- Disabling or overriding the Vault interface hosting
- Building binary
- Building your own docker image
- Git hooks
- Differences from the upstream API implementation