diff --git a/roles/vaultwarden/templates/docker-compose.yaml b/roles/vaultwarden/templates/docker-compose.yaml
index 3e7c9ee..b43453c 100644
--- a/roles/vaultwarden/templates/docker-compose.yaml
+++ b/roles/vaultwarden/templates/docker-compose.yaml
@@ -7,7 +7,7 @@ services:
     environment:
       - DOMAIN=https://vw.{{ domain }}
       - SIGNUPS_ALLOWED=false
-      - INVITATIONS_ALLOWED=false
+      - ADMIN_TOKEN={{ vaultwarden_secrets['admin_token_hash'] | regex_replace('\$', '$$') }}
     ports:
       - 127.0.0.1:{{ ports['vaultwarden'] }}:80
     volumes:
diff --git a/secrets.yml.example b/secrets.yml.example
index ccd9b21..0cabba8 100644
--- a/secrets.yml.example
+++ b/secrets.yml.example
@@ -21,3 +21,7 @@ synapse_secrets:
   turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
   macaroon_secret_key:
   form_secret:
+
+vaultwarden_secrets:
+  # Generate with: docker exec --rm -ti docker.io/vaultwarden/server:alpine /vaultwarden hash
+  admin_token_hash: