Get User Profile

Retrieve the authenticated user’s profile information.
curl -X GET "https://api.bitwarden.com/accounts/profile" \
  -H "Authorization: Bearer {access_token}"

Response

id (string, required): User’s unique identifier
name (string): User’s display name
email (string, required): User’s email address
twoFactorEnabled (boolean, required): Whether two-factor authentication is enabled
premium (boolean, required): Whether user has premium features
organizations (array): List of organizations the user belongs to

Update Profile

Update the authenticated user’s profile information.
curl -X PUT "https://api.bitwarden.com/accounts/profile" \
  -H "Authorization: Bearer {access_token}" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "John Doe",
    "masterPasswordHint": "My favorite password hint"
  }'

Request Body

name (string): User’s display name
masterPasswordHint (string): Master password hint

Get Organizations

Retrieve all organizations for the authenticated user.
GET /accounts/organizations

Response

Returns a list of organizations with membership details including role, permissions, and status.

Change Email

Initiate an email change request for the authenticated user.

Step 1: Request Email Token

POST /accounts/email-token

newEmail (string, required): New email address
masterPasswordHash (string, required): Master password hash for verification

Step 2: Confirm Email Change

POST /accounts/email

newEmail (string, required): New email address
token (string, required): Verification token from email
newMasterPasswordHash (string, required): New master password hash
key (string, required): Encryption key
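
Step 2 asks for newMasterPasswordHash and key even though the password itself does not change. The added example below (not from this page or from the Bitwarden code base) shows why, assuming the hash is derived client-side with PBKDF2-SHA256 salted by the account email, so a new email yields a new hash. The 600,000 iteration default, the function names and the sample values are assumptions, and re-encrypting the key is left to the caller.

```python
import base64
import hashlib
import json

# Assumption (not stated on this page): PBKDF2-SHA256 with the lower-cased
# email as salt; 600,000 is an assumed default iteration count.
DEFAULT_ITERATIONS = 600_000


def master_key(password, email, iterations=DEFAULT_ITERATIONS):
    """Stretch the master password; the account email is the salt."""
    salt = email.strip().lower().encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)


def master_password_hash(password, email, iterations=DEFAULT_ITERATIONS):
    """One further PBKDF2 round over the master key, salted with the password."""
    key = master_key(password, email, iterations)
    digest = hashlib.pbkdf2_hmac("sha256", key, password.encode("utf-8"), 1, dklen=32)
    return base64.b64encode(digest).decode("ascii")


def email_token_request(password, current_email, new_email, iterations=DEFAULT_ITERATIONS):
    """Body for step 1: the hash is derived under the CURRENT email."""
    return {
        "newEmail": new_email,
        "masterPasswordHash": master_password_hash(password, current_email, iterations),
    }


def email_change_request(password, new_email, token, rewrapped_key, iterations=DEFAULT_ITERATIONS):
    """Body for step 2: the hash is re-derived because the salt (email) changed.

    rewrapped_key is the user key re-encrypted under the new master key; the
    wrapping itself is out of scope here, so the caller supplies it.
    """
    return {
        "newEmail": new_email,
        "token": token,
        "newMasterPasswordHash": master_password_hash(password, new_email, iterations),
        "key": rewrapped_key,
    }


if __name__ == "__main__":
    # Constructed sample values; low iteration count for a quick demo only.
    pw, old, new = "correct horse battery staple", "alice@example.com", "alice@example.org"
    print(json.dumps(email_token_request(pw, old, new, 1000), indent=2))
    print(json.dumps(email_change_request(pw, new, "<token-from-email>", "<re-encrypted-key>", 1000), indent=2))
```

The plaintext master password never appears in either request body; only the derived hash does.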

Change Password

Change the master password for the authenticated user.
POST /accounts/password

masterPasswordHash (string, required): Current master password hash
newMasterPasswordHash (string, required): New master password hash
masterPasswordHint (string): Optional password hint
key (string, required): Encryption key

Set Initial Password

Set the master password for accounts created without one (e.g., SSO users).
POST /accounts/set-password

masterPasswordHash (string, required): New master password hash
key (string, required): User encryption key
keys (object): User key pairs for encryption

Update KDF Settings

Update Key Derivation Function settings for the account.
POST /accounts/kdf

masterPasswordHash (string, required): Master password hash for verification
authenticationData (object, required): Authentication KDF configuration
unlockData (object, required): Unlock KDF configuration

Get/Set Encryption Keys

Get Keys

GET /accounts/keys
Returns the user’s cryptographic keys including public key and private key.

Set Keys

POST /accounts/keys

publicKey (string, required): RSA public key
encryptedPrivateKey (string, required): Encrypted RSA private key

Get API Key

Retrieve the user’s API key for programmatic access.
POST /accounts/api-key

secret (string, required): Master password hash or OTP for verification

Response

apiKey (string): The user’s API key
clientId (string): OAuth client ID for API access

Rotate API Key

Generate a new API key, invalidating the old one.
POST /accounts/rotate-api-key

secret (string, required): Master password hash for verification

Delete Account

Permanently delete the user account.
DELETE /accounts

secret (string, required): Master password hash for verification

This action cannot be undone. All vault data will be permanently deleted.

Password Hint

Request a password hint to be sent to the user’s email.
POST /accounts/password-hint

email (string, required): Email address associated with the account

This endpoint does not require authentication and can be called anonymously.

Verify Email

Send Verification Email

POST /accounts/verify-email
Sends a verification email to the user’s registered email address.

Confirm Email Verification

POST /accounts/verify-email-token

userId (string, required): User ID
token (string, required): Verification token from email
