Improved API Keys

Feature name

Improved Settings for API Keys:
I want to make some task done via script (For example connecting my computer to a VPN). The Credentials for this service are stored in the Vault.
I want to access only this Credentials only with read-rights via the CLI.

Feature function

• One should be able to create multiple API Keys to the Vault
• Each API Key should have a name
• Each API Key can have an expiration date after witch the key becomes invalide
• Each API Key can have specific rights, what can be done. Some examples:
  • Read Credentials
  • Writte / Change Credentials
  • Create a new Item in the Valut
  • Share Credentials
  • Delete a item in the vault
• For Each API Key the accessable collections and folders should be definable

Related topics + references

The following request are referenced:

• Folder Specific API Key
• Collection-level API keys
• https://community.bitwarden.com/t/authenticate-bw-cli-with-ssh-key/19283

One specific use case that we can see for this is generating read-only API keys for use by SIEMs to ingest event logs.