We use a bitwarden python plugin to fetch password for our infrastructure as code system through Ansible.
The plugin uses the official Node bitwarden CLI.
Since a few days, when trying to do a bw login, we receive the following error :
{"response":{"error":"invalid_grant","error_description":"Auth-Email header invalid."},"statusCode":400}"}
OS : CentOS 8
Node : v10.24.0
bw : @bitwarden/[email protected]
I’ve been seeing this as well using bw login for the last few weeks. I figured I’d broken something but I’m seeing it on two independently maintained systems.
bw v.1.16.0
Linux 5.14.13 (Arch Linux, stock kernel)
I’ve had a reply from Bitwarden, a solution might be to use Personal API Key for CLI Authentication | Bitwarden Help & Support
In our case, we insert the BW_CLIENTID and BW_CLIENTSECRET in the python subprocess environment, with the --apikey option at startup.
We’re not done yet, but it seems to work. It still requires the master password to unlock though, so calling it an “api key” is a bit of a stretch really.
What’s strange is that it seems to depend on the user and platform, so I suppose there is some kind of algorithm behin that accept some cli connection whitout a captcha.
@nahili you’re correct. All CLI activity was being flagged as needing a captcha, but we put in some additional rules to allow ‘known’ devices to pass without it.
The API key is means to connect/authenticate, but the master password will always be needed to decrypt (unlock)
This is all great feedback though - we continue to work to make things easier for automation 
Hi, I have the same error, but triggered by the Chrome extension. (1.42.2_0). This only happens when I am using the extension on my corporate machine… how can I fix it? thx, Billy.
Hi @Billy_Lo - the current extension version is 1.55 which may be the cause. Can you update the extension and see if the issue continues?