Only allow usage of web ui


We are an nonprofit organization that uses bitwarden to store secrets/passwords etc, sometimes people leave the organization and i would like to then be able to disable their accounts so that they lose access to all orgs and any “personal” passwords.

As far as i understand, the Bitwarden desktop client and various browser plugins keep a cache of the passwords locally, therefor i would like to disable the usage of anything but the web UI, is this possible?

You could try to check the headers sent by the clients.
Bitwarden-Client-Name which for the web is just called web and maybe the device-type header which you can see here what they represent

But people can of course bypass that if they want manually.
Also, the web-vault works offline too, so it doesn’t really matter that much i think.

In what sense does the web-vault work offline too?

What do you mean? It just works offline, as if it was an app installed on your computer.
Just like the desktop client for example.

I had no idea about that.

Lets assume i don’t use any browser extensions or desktop clients, do you mean that i could browse to and still login and access the passwords/documents even if my user is disabled from the admin panel?

I mean, if i am offline, how would i access

I think i’m missing a bit of the puzzle here and i don’t understand how that would work.

The web-vault can be accessed offline. The reason for this is that it uses a feature that is called service workers which caches all needed files in the browser cache. Also the vault data is cached offline in the browsers local storage.

If a user locks the vault, not logout, then if you disable your network connection, you can still unlock your vault and even export I think, but that i haven’t tried actually.

Thanks for all the info!
Think i’ll fork and disable said features, in my opinion they should be optional.

Hi ppaslan ,
Did you find how to disable this feature?
I’d like to disable it too.