Also sent to Support:
We just purchased an Enterprise plan to test this out compared to LastPass. The main issue I’m seeing is the treatment of subdomains. I’ve looked over your GitHub issue with regards to this, but I’m not 100% sure how to implement a fix based on the available options.
Our usecase is:
We have multiple “development” subdomains (in fact, sub-subdomains) each with a unique login per website.
https://example1.dev.testing.com/wp-admin/
https://example2.dev.testing.com/wp-admin/
https://example3.dev.testing.com/wp-admin/
We would have a new item/record for each of those websites. They each have their own username and password.
However, when we create those 3 records, they all show up as options no matter which website we’re viewing in the browser (as long as it has testing.com main domain). I realize this is because of the “base domain” which is set as the current default. However, the “starts with” option wouldn’t work in this case either, because…
We would want the example1 record to show up no matter what “page” we’re on for that domain. So, example1 record should show for:
https://example1.dev.testing.com
https://example1.dev.testing.com/wp-admin/
https://example1.dev.testing.com/wp-login.php
https://example1.dev.testing.com/wp-login.php?param=blah
I realize we could fill the “URI” with just https://example1.dev.testing.com to still make use of the “starts with” option. But the goal is to have the “URI” be the true login page of…
https://example1.dev.testing.com/wp-admin/
…whilst still allowing the password to show up no matter which “page” is showing for that sub-subdomain.
Is there a setting I’m overlooking to be able to do this? LastPass works like this, and we’re ready to migrate from LastPass to Bitwarden with 20+ users, if we can get the subdomain thing to work as expected.
Example in LastPass: https://d.pr/draw/Jv6kCG/
This is particularly useful with WordPress installs, where /wp-admin/ is the login for the install… but sometimes it may redriect to /wp-login.php or it may redirect to /login/. But in all cases we enter /wp-admin/ at the end of our domains for our LastPass record (and ideally the same in Bitwarden).
And we need it to show the password record, no matter what comes after the “subdomain”. So, again, if our record has a single URI of:
https://example1.dev.testing.com/wp-admin/
Then it should show the password even if the browser is at:
https://example1.dev.testing.com/
https://example1.dev.testing.com/login/
https://example1.dev.testing.com/wp-admin/
https://example1.dev.testing.com/wp-login.php
https://example1.dev.testing.com/blahblah
But it should NOT show if the browser is at
https://example2.dev.testing.com/wp-admin/
(or any other instance of that OTHER subdomain)
We’d rather not just put the subdomain (without /wp-admin/) because then the user would have to manually type that aspect of the URL to get to the login screen.
Again, just saying, but this is working fine in LastPass.
