Bitwarden Events
Fetches event logs from Bitwarden for monitoring security and compliance activities. This input captures organization-wide events including user authentication, vault access, policy changes, and other security-relevant activities.
Sync Type: Incremental
Requirements
Before you connect Monad to Bitwarden, you need to:
-
Create OAuth2 Credentials
- Go to your Bitwarden Organization settings
- Navigate to the Integrations section
- Create a new OAuth2 Client for API access
- You'll receive a Client ID and Client Secret
- Client ID is in the format:
organization.ClientId
-
Determine Your Region
- US: Uses Bitwarden's US cloud infrastructure (default)
- EU: Uses Bitwarden's EU cloud infrastructure
- Self-Hosted: For on-premises Bitwarden installations, you'll need the base URL of your instance
-
Required Permissions
- Your OAuth2 client must have API permissions to access organization events
- The credentials must be associated with an organization admin account
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Region | string | No | Region of the Bitwarden instance: US, EU, or SelfHosted (default: US) |
| Base URL | string | No | Base URL for self-hosted Bitwarden instance (required if region is SelfHosted) |
| Backfill Start Time | string | No | The date to start fetching data from. If not specified, no past records will be fetched. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| Client ID | string | Yes | OAuth2 Client ID in format: organization.ClientId |
| Client Secret | string | Yes | OAuth2 Client Secret for API authentication |
Limitations
- Data Retention: Bitwarden only retains event logs for a maximum of 367 days. Events older than this period will not be available.
- Backfill Constraint: If you specify a backfill start time more than 367 days in the past, it will be automatically adjusted to the oldest available data.
- Regional Isolation: Separate instances for US and EU regions; self-hosted instances require their own base URL configuration.
Troubleshooting
Authentication Errors
- Verify that your Client ID and Client Secret are correct and in the proper format (Client ID must be
organization.ClientId) - Ensure the credentials haven't been revoked or expired in your Bitwarden organization settings
- Confirm that your OAuth2 client has the necessary API permissions
No Events Retrieved
- Check that your Bitwarden organization has recorded events within the specified date range
- If using backfill, verify the date is within the last 367 days
- Ensure the region setting (US/EU/SelfHosted) matches your Bitwarden instance location
Connection Timeout
- For self-hosted instances, verify the Base URL is correct and accessible
Related Articles
Sample Record
{
"object": "event",
"type": 1500,
"itemId": "550e8400-e29b-41d4-a716-446655440000",
"collectionId": "660e8400-e29b-41d4-a716-446655440000",
"groupId": "",
"policyId": "",
"memberId": "770e8400-e29b-41d4-a716-446655440000",
"actingUserId": "880e8400-e29b-41d4-a716-446655440000",
"date": "2026-02-10T15:30:45.123456Z",
"device": 1,
"ipAddress": "203.0.113.42"
}
Event Fields Explanation
- type: Numeric event type identifier (e.g., 1500 = User logged in, 1400 = Vault accessed, etc.)
- itemId: UUID of the vault item affected (if applicable), empty string otherwise
- collectionId: UUID of the collection affected (if applicable), empty string otherwise
- groupId: UUID of the group affected (if applicable), empty string otherwise
- policyId: UUID of the policy affected (if applicable), empty string otherwise
- memberId: UUID of the organization member affected (if applicable), empty string otherwise
- actingUserId: UUID of the user who performed the action
- date: RFC3339 formatted timestamp of when the event occurred
- device: Device type indicator (numeric ID)
- ipAddress: IP address from which the action was performed (may be empty for some event types)