Open-Source Wikis

/

Bitwarden Server

/

Primitives

/

User

bitwarden/server

User

User is the central identity record. Defined at src/Core/Entities/User.cs (330 lines) and persisted to dbo.User in src/Sql/dbo/Tables/User.sql. Every personal action in Bitwarden links back to a User.Id (Guid).

Important columns

Column Notes
Id (Guid) Primary key.
Name Display name (≤ 50 chars).
Email Unique login identifier (≤ 256 chars), lower-invariant.
EmailVerified Boolean — set after the email-confirmation link click.
MasterPassword Server-side hash (PBKDF2 over the client-derived master-password hash). May be null for SSO-only / TDE accounts.
MasterPasswordHint Optional plain-text hint.
Culture Locale, default en-US.
SecurityStamp Bumped to invalidate every outstanding token (used by ASP.NET Core Identity).
TwoFactorProviders JSON blob of enrolled providers + their per-user settings.
TwoFactorRecoveryCode Single-use recovery code.
Key, PublicKey, PrivateKey, SignedPublicKey The user-key material. Key is the master-password-sealed user key; PrivateKey is wrapped under the user key.
Kdf, KdfIterations, KdfMemory, KdfParallelism Key Derivation Function parameters (Argon2id by default; PBKDF2 legacy).
Premium, PremiumExpirationDate Personal premium subscription state.
MaxStorageGb, Storage Personal storage quota and current usage.
Gateway, GatewayCustomerId, GatewaySubscriptionId Stripe / Braintree pointers for personal subscriptions.
LicenseKey Self-host premium license.
AccountRevisionDate Bumped whenever a client should re-sync; clients compare against the cached value to short-circuit syncs.
RevisionDate, CreationDate Standard audit timestamps.
EquivalentDomains, ExcludedGlobalEquivalentDomains User-level autofill domain mappings.
ApiKey Personal client-credentials API key for the public CLI / SDK.
ForcePasswordReset True after admin-driven recovery; user must change their password on next login.
UsesKeyConnector True when the user belongs to a Key Connector org.
FailedLoginCount, LastFailedLoginDate Lockout helpers.

The full surface is documented inline in src/Core/Entities/User.cs.

Interfaces

User implements:

  • ITableObject<Guid> — convention for repository methods.
  • IStorableSubscriber — has storage and a billing subscriber pointer.
  • IRevisable — has RevisionDate (clients use it for caching).
  • ITwoFactorProvidersUser — used by the 2FA provider implementations.

Repositories

  • Interface: src/Core/Repositories/IUserRepository.cs.
  • Dapper: src/Infrastructure.Dapper/Repositories/UserRepository.cs.
  • EF: src/Infrastructure.EntityFramework/Repositories/UserRepository.cs.

The repo layer also exposes a UserStore adapter for ASP.NET Core Identity (src/Core/Auth/Identity/UserStore.cs).

Where it shows up

  • Authentication (auth) — every grant validator loads the User.
  • Vault ciphers (vault-and-ciphers) — Cipher.UserId for personal items.
  • Organization membership — OrganizationUser.UserId.
  • Devices, Sends, Notifications, Audit Events — all carry UserId.

Lifecycle

  • Register → email verification token → confirm → User row inserted.
  • Login → cred check + 2FA → JWT issued.
  • Update profile / KDF migrate → bump RevisionDate and AccountRevisionDate.
  • Master password change → key rotation (see key-management) and bump SecurityStamp.
  • Delete → cascade-deletes through every dependent table (orchestrated by IUserService.DeleteAsync / Quartz cleanup).

Built by Factory AutoWiki from public repository content. It is a generated preview for codebase exploration, not source-maintained documentation.

User – Bitwarden Server wiki | Factory