Most people use computers with a monitor and software with a graphical user interface or GUI. This graphical interface makes it easy and intuitive to use computers and applications. Many servers, however, don’t offer a graphical interface and instead need to be configured and used through a command-line interface or CLI.
Many password managers would fall flat on this sort of “headless” server, as they simply don’t offer a version of the software that doesn’t require a graphical display. Bitwarden, however, offers a fully featured command line version of its password manager software.
The command-line version of Bitwarden offers three different methods of signing in and decrypting your password vault. One of these methods through the use of an API key. To be able to use this, though, you need to first find your API key.
How to View Your API Key
To see your API key, you need to sign into the Bitwarden web vault. This information is not accessible anywhere else. Once you’re signed in, switch to the “Settings” tab, then scroll all the way to the bottom and click “View API key.”
You’ll then be prompted to re-enter your vault master password. Once you’ve done so, click “View API key.”
Finally, you’ll be presented with your API key. It will have four parts, a client id, a client secret, a scope, and a grant type. You will need the “client_id” and “client_secret” values to be able to sign in via the API key.
The values of the scope and grant type are the same for all API keys. The value of the client id is unique to your account and can’t be changed. The client secret is the actual API key itself; it is unique and can be rotated if you believe it has been compromised.
How to Rotate Your API Key
To rotate your API key, click on “Rotate API key” at the bottom of the settings tab.
Again, you will need to enter your vault master password to verify ownership of the account. Once you’ve done so, click “Rotate API key.” Rotating your API key will invalidate your old API key. Any device using it will need to be updated with the new API key. You will be shown the newly generated API key straight away.
Password managers are great tools to store your passwords securely. If you want to use the Bitwarden CLI client to authenticate on headless servers, you may want to log in with an API key. By following the steps in this guide, you can view your API key. You can also rotate your API key if you think that it has been compromised.