> ## Documentation Index > Fetch the complete documentation index at: https://conductorone-docs-mcp-bridge-private-server.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # Set up a Bitwarden connector > C1 provides identity governance for Bitwarden. Integrate your Bitwarden organization with C1 for unified visibility and governance over user access. C1 provides identity governance for Bitwarden. Integrate your Bitwarden organization with C1 for unified visibility and governance over user access. ## Capabilities | Resource | Sync | Provision | | -------- | ------------------------------------------------------------- | --------- | | Users | | | | Groups | | | The connector syncs the members of a single Bitwarden organization as user identities and the organization's groups. Each member carries their role (Owner, Admin, User, Manager, or Custom), their invitation status (Invited, Accepted, Confirmed, or Revoked), and whether two-step login is enabled. Each group exposes a **Member** entitlement, and every member of a group is recorded as a grant of that entitlement, so you can see who belongs to which group in your Bitwarden organization. ## Gather Bitwarden credentials You need your Bitwarden **organization API key** (a Client ID and Client secret). It grants programmatic read access to your organization's members, groups, and collections, so treat the secret as sensitive. Sign in to the Bitwarden web vault as an owner or admin of the organization you want to sync. Open the **Admin Console**, then go to **Settings** > **Organization info**. In the **API key** area, click **View API key**. You may be prompted to re-enter your master password. Copy the **client\_id** and **client\_secret** values. The client\_id looks like `organization.`. If you ever need to invalidate the credentials, use **Rotate API key** on the same screen. ## Configure the Bitwarden connector Follow these instructions to use a built-in, no-code connector hosted by C1. In C1, navigate to **Integrations** > **Connectors** and click **Add connector**. Search for **Bitwarden** and click **Add**. Choose how to set up the new Bitwarden connector. Set the owner for this connector. Click **Next**. Find the **Settings** area of the page and click **Edit**. Enter the Bitwarden credentials: * **Client ID**: The organization API key client\_id. * **Client secret**: The organization API key client\_secret. * **Identity token URL**: The Bitwarden identity token endpoint. Use `https://identity.bitwarden.com/connect/token` for US cloud or `https://identity.bitwarden.eu/connect/token` for EU cloud. * **Base URL**: Leave blank for US cloud (`https://api.bitwarden.com`), or set `https://api.bitwarden.eu` for EU cloud. Click **Save**. The connector's label changes to **Syncing**, followed by **Connected**. You can view the logs to ensure that information is syncing. **Done.** Your Bitwarden connector is now pulling access data into C1. Follow these instructions to run the Bitwarden connector in your own environment. Create secrets for the Bitwarden organization API key (client\_id and client\_secret). Configure the connector environment variables: * **BATON\_BITWARDEN\_CLIENT\_ID**: The organization API key client\_id (store this as a secret). * **BATON\_BITWARDEN\_CLIENT\_SECRET**: The organization API key client\_secret (store this as a secret). * **BATON\_BITWARDEN\_TOKEN\_URL**: The identity token endpoint, e.g. `https://identity.bitwarden.com/connect/token` (US cloud), `https://identity.bitwarden.eu/connect/token` (EU cloud), or `https:///identity/connect/token` (self-hosted). * **BATON\_BITWARDEN\_BASE\_URL**: Optional. Defaults to `https://api.bitwarden.com`. Set `https://api.bitwarden.eu` for EU cloud or `https:///api` for a self-hosted instance. Deploy the connector using your standard self-hosted connector process. **Done.** Your Bitwarden connector is now pulling access data into C1.