Vault Management API Item Creation unknown cipher type

Hi all,

I want to create a new item through the Vault Management API. I have already created a folder without problems, but when I send the HTTP POST with the new item, I get an error 500 and the bw cli throws the error:

Error: Unknown cipher type.

From what I found, the item needs to be encoded, which can be done in bw cli using the ‘encode’ command. But I can’t find out how I should encode my HTTP data before sending it to the REST API.

I’m using Python 3.10

I tried encoding the body as b64 using base64.b64encode(data_json.encode()) , but I get the same error,

Can someone give me a hint what I am missing to create a new item?

Thanks!

Have you tried making your requests with HTTPS instead of plain-text HTTP?

You can get an example from our API Docs. No encoding needed for Vault Management API

curl -X 'POST' \
  'http://localhost/object/item' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
  "organizationId": "3c89a31d-f1cc-4673-8d5a-ae2700f9860d",
  "collectionId": "c4e31257-f3e1-4b13-895a-ae2700f9884e",
  "folderId": null,
  "type": 1,
  "name": "Shared Twitter Account",
  "notes": null,
  "favorite": false,
  "fields": [
    {
      "name": "Security Question",
      "value": "Bitwarden Rules",
      "type": 0
    }
  ],
  "login": {
    "uris": [
      {
        "match": 0,
        "uri": "https://twitter.com/login"
      }
    ],
    "username": "[email protected]",
    "password": "[email protected]@$word",
    "totp": null
  },
  "reprompt": true
}'
1 Like

Vault Management API only serves HTTP. It’s meant to be local, hence SSL is not required.

Thank you for your reply.

In the example there is nothing mentioned about encoding. it looks to me like the data is just plain JSON. But I get the error 500 when I send it like that.

looks like this:

{
   "folderId":"3179303d-4b09-4c37-89fd-aed800f8476c",
   "type":1,
   "notes":"None",
   "login":{
      "uris":[
         {
            "uri":"None"
         }
      ],
      "username":"Administrator",
      "password":"MyPassw0rd!",
      "totp":"None"
   },
   "name":"Administrator"
}

Then I tested it with the following headers and without:

headers = {
        'Content-Type': 'application/json',
        'accept': 'application/json'
    }

When I send it with headers, I get an error 400
SyntaxError: invalid JSON, only supports object and array

When I send it without headers, I get an error 500
Error: Unknown cipher type.

Edit: I got it to work!
I will leave this comment up for anyone who wants to do this in the future or gets a similar error.

I use Python with the requests library to send the HTTP requests.
For it to work the data dict needs to be converted to a string using the JSON library and then the headers need to be added to the request, before that I just added the data as a dict and let the requests library do the conversion but that does not work.

Example:

import json
import requests

BASE_URL = 'http://127.0.0.1:8087'


def create_entry(name: str, username: str = "", password: str = "", uri_list: list = None, notes: str = "",
                 folder_name: str = "Keepass-Default", **kwargs):
    target_url = f'{BASE_URL}/object/item'
    login_data = {
        "uris": uri_list,
        "username": username,
        "password": password,
        "totp": None
    }
    folder_id = get_folderid(folder_name)
    data = {
        "folderId": folder_id,
        "type": 1,
        "notes": notes,
        "login": login_data,
        "name": name,
    }
    json_data = json.dumps(data)
    headers = {
        'Content-Type': 'application/json',
        'accept': 'application/json'
    }
    s = requests.Session()
    r = s.post(target_url, timeout=20, data=json_data, headers=headers)
    return r.json()['data']
1 Like