[GH-ISSUE #6831] "Create account" link visible after setting SIGNUPS_ALLOWED=false #30040

Closed
opened 2026-06-17 09:46:22 -05:00 by GiteaMirror · 1 comment
Owner

Originally created by @raulk89 on GitHub (Feb 15, 2026).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/6831

Prerequisites

Vaultwarden Support String

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.35.3
  • Web-vault version: v2026.1.1
  • OS/Arch: linux/x86_64
  • Running within a container: false (Base: Not applicable)
  • Database type: SQLite
  • Database version: 3.50.2
  • Uses config.json: false
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: true
  • HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_idle_timeout": 600,
  "database_max_conns": 10,
  "database_min_conns": 2,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "dns_prefer_ipv6": false,
  "domain": "*****://************************",
  "domain_origin": "*****://************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/logs/vaultwarden.log",
  "log_level": "debug",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "purge_incomplete_sso_auth": "0 20 0 * * *",
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "",
  "smtp_from_name": "***********",
  "smtp_host": null,
  "smtp_password": null,
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "sso_allow_unknown_email_verification": false,
  "sso_audience_trusted": null,
  "sso_auth_only_not_session": false,
  "sso_authority": "",
  "sso_authorize_extra_params": "",
  "sso_callback_path": "*****://*****************************************************",
  "sso_client_cache_expiration": 0,
  "sso_client_id": "",
  "sso_client_secret": "***",
  "sso_debug_tokens": false,
  "sso_enabled": false,
  "sso_master_password_policy": null,
  "sso_only": false,
  "sso_pkce": true,
  "sso_scopes": "email profile",
  "sso_signups_match_email": true,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

v1.35.3

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

apache 2.4.58

Host/Server Operating System

Linux

Operating System Version

Ubuntu 24.04.4 LTS

Clients

Web Vault

Client Version

Google Chrome Version 144.0.7559.133 (Official Build) (64-bit), and also Edge Version 144.0.3719.115 (Official build) (64-bit)

Steps To Reproduce

  1. Go to vaultwarden proxy URL "https://.../", after that the url changes to "https://.../#/login"
  2. There I still see "Create account" link.

In .env file, I have set SIGNUPS_ALLOWED=false, and in compose.yaml file I set:

    environment:
      SIGNUPS_ALLOWED: "${SIGNUPS_ALLOWED}"

When I create the container, I see this, so it shows to me, that -e=SIGNUPS_ALLOWED=false

INFO[0011] Creating container vaultwarden
INFO[0011] Running [/usr/local/bin/nerdctl run --cidfile=/tmp/compose-3899447562/cid -l=com.docker.compose.project=vaultwarden -l=com.docker.compose.service=vaultwarden -l=com.docker.compose.config-hash=39df23dc1e3c8b5ee6bb1d21a3fbdcaf05f0478bc1a413aa856977da147f55d9 -d --name=vaultwarden --pull=never -e=LOG_FILE=/logs/vaultwarden.log -e=LOG_LEVEL=debug -e=SIGNUPS_ALLOWED=false --net=vaultwarden_default --hostname=vaultwarden -p=127.0.0.1:8080:80/tcp --read-only --restart=unless-stopped -v=/etc/localtime:/etc/localtime:ro -v=/etc/timezone:/etc/timezone:ro -v=/home/apps/data/vaultwarden:/data -v=/home/apps/logs/vaultwarden:/logs --tmpfs=/tmp vaultwarden/server:latest]

However, when I click onto to this link, add email and name, I do get the error from UI (so the parameter is in fact working):

An error has occurred.
Registration not allowed or user already exists

And from logs (debug mode set), I get:

[2026-02-15 03:50:21.081][request][INFO] POST /identity/accounts/register/send-verification-email
[2026-02-15 03:50:21.082][vaultwarden::api::identity][ERROR] Registration not allowed or user already exists
[2026-02-15 03:50:21.082][response][INFO] (register_verification_email) POST /identity/accounts/register/send-verification-email => 400 Bad Request

But I am thinking, shouldn't this link be hidden when signups are not allowed ?

At least, I think it should. Why I think this, is the fact that.
Well, I have "Docker desktop" running also in my windows PC, and with WSL (Windows Subsystem for Linux), I have installed ubuntu 24.04 there. And I have the same setup there. And when I disable the signups -e=SIGNUPS_ALLOWED=false, and create the container, then this "Create account" URL is hidden from the admin page.
From my windows PC, only difference is, I access it via http://localhost:8080/#/login

Expected Result

I would think the expected result is, that when -e=SIGNUPS_ALLOWED=false, then it hides the "Create account" link.

Actual Result

But for me the "Create account" link still shows here.
Image

Logs


Screenshots or Videos

No response

Additional Context

No response

Originally created by @raulk89 on GitHub (Feb 15, 2026). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/6831 ### Prerequisites - [x] I have searched the existing **Closed _AND_ Open** [Issues](https://github.com/dani-garcia/vaultwarden/issues?q=is%3Aissue%20) **_AND_** [Discussions](https://github.com/dani-garcia/vaultwarden/discussions?discussions_q=) - [x] I have searched and read the [documentation](https://github.com/dani-garcia/vaultwarden/wiki/) ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.35.3 * Web-vault version: v2026.1.1 * OS/Arch: linux/x86_64 * Running within a container: false (Base: Not applicable) * Database type: SQLite * Database version: 3.50.2 * Uses config.json: false * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_idle_timeout": 600, "database_max_conns": 10, "database_min_conns": 2, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "dns_prefer_ipv6": false, "domain": "*****://************************", "domain_origin": "*****://************************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": "/logs/vaultwarden.log", "log_level": "debug", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "purge_incomplete_sso_auth": "0 20 0 * * *", "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "", "smtp_from_name": "***********", "smtp_host": null, "smtp_password": null, "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": null, "sso_allow_unknown_email_verification": false, "sso_audience_trusted": null, "sso_auth_only_not_session": false, "sso_authority": "", "sso_authorize_extra_params": "", "sso_callback_path": "*****://*****************************************************", "sso_client_cache_expiration": 0, "sso_client_id": "", "sso_client_secret": "***", "sso_debug_tokens": false, "sso_enabled": false, "sso_master_password_policy": null, "sso_only": false, "sso_pkce": true, "sso_scopes": "email profile", "sso_signups_match_email": true, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version v1.35.3 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy apache 2.4.58 ### Host/Server Operating System Linux ### Operating System Version Ubuntu 24.04.4 LTS ### Clients Web Vault ### Client Version Google Chrome Version 144.0.7559.133 (Official Build) (64-bit), and also Edge Version 144.0.3719.115 (Official build) (64-bit) ### Steps To Reproduce 1. Go to vaultwarden proxy URL "https://.../", after that the url changes to "https://.../#/login" 2. There I still see "**Create account**" link. In **.env** file, I have set SIGNUPS_ALLOWED=false, and in compose.yaml file I set: ``` environment: SIGNUPS_ALLOWED: "${SIGNUPS_ALLOWED}" ``` When I create the container, I see this, so it shows to me, that `-e=SIGNUPS_ALLOWED=false` ``` INFO[0011] Creating container vaultwarden INFO[0011] Running [/usr/local/bin/nerdctl run --cidfile=/tmp/compose-3899447562/cid -l=com.docker.compose.project=vaultwarden -l=com.docker.compose.service=vaultwarden -l=com.docker.compose.config-hash=39df23dc1e3c8b5ee6bb1d21a3fbdcaf05f0478bc1a413aa856977da147f55d9 -d --name=vaultwarden --pull=never -e=LOG_FILE=/logs/vaultwarden.log -e=LOG_LEVEL=debug -e=SIGNUPS_ALLOWED=false --net=vaultwarden_default --hostname=vaultwarden -p=127.0.0.1:8080:80/tcp --read-only --restart=unless-stopped -v=/etc/localtime:/etc/localtime:ro -v=/etc/timezone:/etc/timezone:ro -v=/home/apps/data/vaultwarden:/data -v=/home/apps/logs/vaultwarden:/logs --tmpfs=/tmp vaultwarden/server:latest] ``` However, when I click onto to this link, add email and name, I do get the error from UI (so the parameter is in fact working): ``` An error has occurred. Registration not allowed or user already exists ``` And from logs (debug mode set), I get: ``` [2026-02-15 03:50:21.081][request][INFO] POST /identity/accounts/register/send-verification-email [2026-02-15 03:50:21.082][vaultwarden::api::identity][ERROR] Registration not allowed or user already exists [2026-02-15 03:50:21.082][response][INFO] (register_verification_email) POST /identity/accounts/register/send-verification-email => 400 Bad Request ``` But I am thinking, shouldn't this link be hidden when signups are not allowed ? At least, I think it should. Why I think this, is the fact that. Well, I have "Docker desktop" running also in my windows PC, and with WSL (Windows Subsystem for Linux), I have installed ubuntu 24.04 there. And I have the same setup there. And when I disable the signups `-e=SIGNUPS_ALLOWED=false`, and create the container, then this "**Create account**" URL is hidden from the admin page. From my windows PC, only difference is, I access it via `http://localhost:8080/#/login` ### Expected Result I would think the expected result is, that when `-e=SIGNUPS_ALLOWED=false`, then it hides the "Create account" link. ### Actual Result But for me the "**Create account**" link still shows here. <img width="1298" height="1200" alt="Image" src="https://github.com/user-attachments/assets/587ce614-87be-42c2-968e-c3f2e36b31db" /> ### Logs ```text ``` ### Screenshots or Videos _No response_ ### Additional Context _No response_
GiteaMirror added the bug label 2026-06-17 09:46:22 -05:00
Author
Owner

@stefan0xC commented on GitHub (Feb 15, 2026):

Cf. https://github.com/dani-garcia/vaultwarden/issues/6604#issuecomment-3790023684

<!-- gh-comment-id:3903067871 --> @stefan0xC commented on GitHub (Feb 15, 2026): Cf. https://github.com/dani-garcia/vaultwarden/issues/6604#issuecomment-3790023684
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#30040