Password ManagerAutofill

Forming URIs for Autofill

Any login item in your vault can have one or more Uniform Resource Identifiers (URIs). A URI can be a website address (URL), a server IP address, a mobile app package ID, and more. On the web app and browser extensions Edit Login view, you can re-order website URIs if you have more than one for better visual organization using the drag-and-drop button:

Website fields
Website fields
note

Assigning URIs to login items is required if you want to use autofill in various Bitwarden apps.

URI schemes

Well-formed URIs should include a scheme at the beginning, for example the https:// scheme to securely reference a website address. If no scheme is specified, http:// is assumed.

tip

Most Bitwarden apps allow you to Launch an website or app directly from your vault. Without a scheme, launching won't work properly.

Launching applications is supported only in Android versions 13 and newer.

Schemes include:

  • http:// or https:// reference website addresses (for example, https://github.com).

  • androidapp:// references an Android application package ID or name (for example, androidapp://com.instagram.android). Learn more in the following section.

URIs for mobile apps

It can be tricky to obtain URIs for apps installed on iOS and Android devices. Here are a few tips for getting URIs on iOS and Android apps:

On iOS, the easiest way to find a URI for native applications is:

  1. On the app's login screen, use Passwords to open Bitwarden.

  2. Once Bitwarden is open, select the icon on the top right corner of the screen.

  3. The URI that has been included in the new vault item (if permitted by the app), can be copied and pasted into any existing login items.

Match detection options

Each URI assigned to a login has an associated match detection option. This option determines when Bitwarden will offer the login as available for autofill, typically determined by matching against specific component pieces. The following graphic breaks down component pieces of a URI:

Diagram of a URI
Diagram of a URI
note

Due to limitations in what the Android APIs can provide the autofill service, Android Password Manager clients cannot currently match URIs based on port or path.

Default match detection

Bitwarden browser extensions and mobile apps allow you to select a Default match detection behavior from the options listed next by navigating to SettingsAutofillDefault URI match detection. You can override the globally-set detection on an item-by-item basis in all Bitwarden apps.

Base domain matching is the default option.

Base domain

Selecting Base domain will prompt Bitwarden to offer autofill when the top-level domain (.com) and second-level domain (google) of the URI match the detected resource. Base domain matching is implemented to work with any country code top-level domain (for example, .it or .co.uk). For sites that use unique domains, such as for different countries, create additional base domain entries.

For example, if the URI https://google.com uses base domain match detection:

note

Login items intended to autofill in a URI with a local TLD (e.g. http://mysite.local or https://mysite.lan) or single-term hostname (e.g. http://localdevice) will not be available for base domain detection. We recommend using host matching.

Host

note

Due to limitations in what the Android APIs can provide the autofill service, Android Password Manager clients cannot currently match URIs based on port or path.

Selecting Host will prompt Bitwarden to offer autofill when the hostname and (if specified) port of the URI matches the detected resource.

For example, if the URI https://sub.domain.com:4000 uses host match detection:

warning

While using keyboard based suggestions, iOS will always use base domain matching for autofill suggestions. Opening the Bitwarden app during login will allow you to manually select the appropriate app for autofill.

Starts with

warning

Starts with is an advanced option and can be quite dangerous if used incorrectly. You should not use this option if you do not know exactly what you are doing.

Selecting Starts with will prompt Bitwarden to offer autofill when the detected resource starts with the URI, regardless of what follows it.

For example, if the URI https://sub.domain.com/path/ uses starts with match detection:

Regular expression

warning

Regular expressions are an advanced option and can be quite dangerous if used incorrectly. You should not use this option if you do not know exactly what you are doing.

Selecting Regular expression will prompt Bitwarden to offer autofill when the detected resource matches a specified regular expression. Regular expressions are always case insensitive.

Unsafe example

If the URI ^https://.*google\.com$ uses regular expression match detection:

This probably matches more than what is intended. Consider avoiding periods (.), which unless escaped (\) match on any character.

Safe example

If the URI ^https://[a-z]+\.wikipedia\.org/w/index\.php uses regular expression match detection:

Exact

Selecting Exact will prompt Bitwarden to offer autofill when the URI matches the detected resource exactly.

For example, if the URI https://www.google.com/page.html uses exact match detection:

tip

As shown in the table, you can use exact match detection to restrict autofill to only https:// sites. Note that, whether you use exact or not, browser extensions will warn users before autofilling an HTTP site when HTTPS is expected based on that item’s saved URI(s).

Never

Selecting Never will prompt Bitwarden to exclude the URI from match detection for autofill.

Equivalent domains

Equivalent domains, which can be set from the Account settings → Domain rules page of the web vault, allow you to link domains for easier autofill. For example, setting turbotax.com and intuit.com as equivalent means that a vault item with turbotax.com saved as a URI will also be offered for auto-fill at intuit.com.

Bitwarden maintains a vetted list of default equivalent domains of major sites, for example apple.com and icloud.com, to improve your autofill experience. You can disable any given equivalence by hovering over it and using the options menu to select Exclude.

tip

An equivalent domain will be negated for an item that uses exact match detection. For example, an item with the saved URI apple.com set to Exact will not offer autofill for icloud.com despite that being a default equivalent.