The Bitwarden Blog

Introducing Custom Roles For Managers And Administrators

Our latest release includes a new custom user role, offering more flexibility to Organization Administrators. The custom user role is specifically designed for Organizations who need more granular control of permissions for Manager and Administrator capabilities.

Proper access control essential to the Enterprise

As a company scales, new challenges and opportunities arise. IT teams need to regularly evaluate access management, and properly configure user roles to ensure a secure workforce. Bitwarden addresses this need for more customizable access, especially for large Organizations, with the new custom role. You can ensure simple access control for each Manager or Administrator and each can be assigned unique permissions based on requirements.

Custom roles on user-by-user basis

Let’s dive into the details. The custom roles allow you to select capabilities within Bitwarden on a user-by-user basis, including: Manage Assigned collections Access Business Portal Access Event Logs Access Import/Export Access Reports Manage All Collections Manage Groups Manage SSO Manage Policies Manage Users The combination of possibilities ensures companies can choose exactly what is needed for their environments!

Use cases

Custom roles help Enterprises better manage their Bitwarden security in many ways and in this blog post we will highlight two use cases.

Example 1: Large corporation with deep hierarchy

Bitwarden helps organizations scale the management and sharing of secure information. With a large corporation of several business units, product lines, and dozens of teams, Bitwarden administrators may be in charge of enabling thousands and thousands of users. Delegating password management responsibilities is essential in order to ensure proper password hygiene at all company levels.

For example, a Manager within the Marketing department could have permissions to manage their Collections and Reports, but not Manage Policies for the workforce.

Example 2: Managed Service Provider deploying Bitwarden to Clients

Many managed service providers choose Bitwarden to enhance value in their services, as well as ensure proper password management for their teams and their Clients’ teams. The custom role easily applies to these situations, which represent a multi-organization Organization. You could use the custom role to enable the MSP team to add users, manage Groups and Policies for the Client, but not be able to see or manage Collections in order to maintain Client privacy.

For more information about Bitwarden user roles, visit this Help article.

← Back to Blog