Getting Equivalent Domains (global + custom) via Python

danglam · April 12, 2026, 7:13pm

I read and parse the following URL for the global equivalent domains:

https://raw.githubusercontent.com/bitwarden/server/main/src/Core/Utilities/StaticStore.cs

But haven’t found a way to get the custom equivalent domains via Python.

Is there something more correct for the global list?
How can I get the custom list?

grb · April 12, 2026, 8:01pm

What makes you think that the StaticStore.cs file is not “correct”?

The custom domain rules should be somewhere in the local vault cache for a logged-in client app.

Why do you need this?

danglam · April 13, 2026, 1:31am

@grb thanks for the reply!

I thought that maybe there was a cleaner way to get some data structure for the global equivalent domains, rather than parsing the code. But parsing works

I ran the Inactive two-step login report, and some entries were missing from it. I inspected the code that generates it and found some explanations. For example (I’ve used commas instead of dots to bypass new user limitations):

www,yahoo,com was missing because the entry in 2fa.directory is for mail,yahoo,com (and not yahoo,com)
nextdns,io was missing because its entry in 2fa.directory has no “documentation" key, and the code skips such entries

So I’ve decided to write a Python script that uses the CLI and generates a report that will perhaps have some false alarms but (hopefully) no misdetections.

I looked at the json.data files of the desktop app and the CLI - the list of custom equivalent domains there is empty. I guess it shows an empty list because the CLI doesn’t really need it?
I only see something inside a log file in Chrome’s extension’s data folder, but it’s not in any standard format.
Is there a “standard” way to fetch the custom equivalent domains, or have I found all that there is?

Again, thanks a lot for taking the time to help!

grb · April 13, 2026, 2:17am

What specifically did you find? I looked in my own extension folder, and unfortunately could not find any custom equivalent domains. If you share what you found, perhaps I can make more sense out of it.

danglam · April 14, 2026, 10:05pm

Hi @grb,

I’ve created a snapshot describing the chrome extension log file, but I have to say I’m not sure if it’s intended to be used or if it’s guaranteed to always contain this list (you said you didn’t see it, for example).

I ended up using Copilot with the clients’ repository to reverse-engineer the clients’ approach and discovered that when you login with the CLI there’s an access token stored in ~\AppData\Roaming\Bitwarden CLI\data.json under the key user_{userId}_token_accessToken. This can be used with the API to call the /sync endpoint (not documented in the API spec – found it in the clients’ code) and retrieve the full list of global and custom equivalent domains from the response.