Feature: credentials page & vaultwarden compose setup (#3534)

Co-authored-by: Suchintan <suchintan@users.noreply.github.com>

fern/credentials/bitwarden.mdx

@@ -40,3 +40,109 @@ Please contact sales@skyvern.com to set up the integration for this step.
 <img src="../images/bitwarden/bitwarden_tutorial_create_skyvern_task_block.png" />
 
 ### Bitwarden Integration in Open Source
+
+Skyvern can integrate with self-hosted Bitwarden-compatible services like [vaultwarden](https://github.com/dani-garcia/vaultwarden). Since vaultwarden only implements the client API (not the server endpoints), we use a Bitwarden CLI server as a bridge.
+
+#### Architecture
+
+```text
+Skyvern → bw serve (CLI Server) → vaultwarden
+```
+
+The CLI server provides the REST API endpoints that Skyvern expects, while connecting to your vaultwarden instance.
+
+#### Quick Setup
+
+**Step 1: Get vaultwarden API Credentials**
+
+1. Log into your vaultwarden web interface
+2. Go to **Account Settings → Security → API Key**
+3. Click **View API Key**
+4. Save the `client_id` and `client_secret`
+
+**Step 2: Configure Environment Variables**
+
+Add these to your `.env` file:
+
+```bash
+# Skyvern Bitwarden Configuration
+SKYVERN_AUTH_BITWARDEN_ORGANIZATION_ID=your-org-id-here
+SKYVERN_AUTH_BITWARDEN_MASTER_PASSWORD=your-master-password-here
+SKYVERN_AUTH_BITWARDEN_CLIENT_ID=user.your-client-id-here
+SKYVERN_AUTH_BITWARDEN_CLIENT_SECRET=your-client-secret-here
+
+# Vaultwarden Configuration
+BW_HOST=https://your-vaultwarden-server.com
+BW_CLIENTID=${SKYVERN_AUTH_BITWARDEN_CLIENT_ID}
+BW_CLIENTSECRET=${SKYVERN_AUTH_BITWARDEN_CLIENT_SECRET}
+BW_PASSWORD=${SKYVERN_AUTH_BITWARDEN_MASTER_PASSWORD}
+
+# CLI Server Configuration (defaults are correct)
+BITWARDEN_SERVER=http://localhost
+BITWARDEN_SERVER_PORT=8002
+```
+
+**Step 3: Start the Services**
+
+The Bitwarden CLI server is included in the main Docker Compose setup:
+
+```bash
+docker-compose up -d bitwarden-cli
+```
+
+**Step 4: Verify Setup**
+
+Test that the CLI server is working:
+
+```bash
+# Check status
+curl http://localhost:8002/status
+
+# List items from your vault
+curl http://localhost:8002/list/object/items
+```
+
+#### How It Works
+
+1. **vaultwarden** - Your existing password manager server
+2. **bitwarden-cli container** - Runs `bw serve` to provide REST API endpoints
+3. **Skyvern** - Uses the CLI server's REST API to access credentials
+
+#### Available API Endpoints
+
+The CLI server provides these endpoints on port 8002:
+
+- `GET /status` - Server status
+- `POST /unlock` - Unlock vault
+- `GET /list/object/items` - List all items
+- `GET /object/item/{id}` - Get specific item
+- `POST /object/item` - Create new item
+- `GET /object/template/item` - Get item template
+
+#### Troubleshooting
+
+**CLI Server Won't Start**
+
+Check the container logs:
+```bash
+docker-compose logs bitwarden-cli
+```
+
+Common issues:
+- Invalid API credentials
+- Wrong vaultwarden server URL
+- Network connectivity issues
+- Incorrect master password
+
+**Skyvern Can't Connect**
+
+1. Verify CLI server is running: `curl http://localhost:8002/status`
+2. Check that `BITWARDEN_SERVER=http://localhost` and `BITWARDEN_SERVER_PORT=8002`
+3. Ensure proper organization ID and credentials are set
+
+#### Security Notes
+
+- The CLI container runs as a non-root user
+- Only binds to localhost by default for security
+- Vault remains encrypted until explicitly unlocked
+- Uses API key authentication with vaultwarden