Hi Vaultwarden community,
I’m trying to assign permissions to a specific group for multiple collections via the API, but I am encountering some issues. I have followed the API documentation and am attempting to make a POST request to the endpoint: POST /api/organizations/{org_id}/collections/{col_id}/users
However, I’m receiving a 422 Unprocessable Entity error, even though the request appears to be correctly formatted. My goal is to assign the “manage” permission to the group with ID badf10ca-b2a6-4ec5-89b5-33393a4ec0b8 for the collection with ID b60433f9-1035-42f4-bf4e-fc6c74c60b5c.
Here is the request I am sending:
curl -X POST “https://secure.mondomaine.fr/api/organizations/cbd65e6c-a1a0-4c66-8b75-196506ec7aaf/collections/b60433f9-1035-42f4-bf4e-fc6c74c60b5c ”
Despite using the correct syntax and including the proper authorization token, I keep getting a 422 error. Could anyone point me in the right direction or let me know if I’m missing something?
Thank you in advance for your help!
Best regards,
Michael
What do the vaultwarden logs say?
I think you are missing the (encrypted) name value of the Collection which is a non-optional field, when deserializing the FullCollectionData:
#[derive(Deserialize)]
#[serde(rename_all = "camelCase")]
struct FullCollectionData {
name: String,
groups: Vec<CollectionGroupData>,
users: Vec<CollectionMembershipData>,
id: Option<CollectionId>,
external_id: Option<String>,
}
btw: With the new bulk-accesslatest release: 1.33.2 ) you should be able to assign multiple collections.
stefan0xC:
With
Thank you for your message.
How to use bulk-access to add permission to a group to a collection ?
Here is what I have in the logs:
[2025-02-11 10:01:49.966][vaultwarden::api::core::organizations::_][WARN] Data guard Json < NewCollectionData > failed: Parse(“{\n "external_id": null,\n "groups": [\n {\n "id": "badf10ca-b2a6-4ec5-89b5-33393a4ec0b8",\n "read_only": false,\n "hide_passwords": false,\n "manage": true\n }\n ],\n "users": hidePasswords”, line: 9, column: 14)).
I modified the curl call this way, and I no longer have any issues; but it doesn’t find the collection because the name is not encrypted.
curl -X POST “https://secure.soluris.fr/api/organizations/cbd65e6c-a1a0-4c66-8b75-196506ec7aaf/collections/b60433f9-1035-42f4-bf4e-fc6c74c60b5c ”
I’m making some progress.
If I create a collection in the frontend and assign it an externalId, it is not encrypted. This allows me to retrieve the encrypted name and the correct collection ID by making the following request:
curl -X POST “https://secure.soluris.fr/api/organizations/cbd65e6c-a1a0-4c66-8b75-196506ec7aaf/collections/b60433f9-1035-42f4-bf4e-fc6c74c60b5c ”
Response:
{
Then, I try to modify the permissions with this request:
curl -X POST “https://secure.soluris.fr/api/organizations/cbd65e6c-a1a0-4c66-8b75-196506ec7aaf/collections/b60433f9-1035-42f4-bf4e-fc6c74c60b5c ”
However, this request creates a new collection instead of modifying the existing one.
MichaelEd:
NewCollectionData
If it’s still called that you should update your vaultwarden instance, because this struct has been renamed in the latest release…