User guide: Starting Bitwarden with SSO with trusted devices

Hello! Welcome to Bitwarden! 

This guide is here to help you create your Bitwarden account and join your business’s Bitwarden organization. There are three parts to getting set up. These steps should take less than 20 minutes to complete.

Note: This guide is only applicable to organizations implementing SSO with trusted devices

1. You will either receive an email invitation from Bitwarden or from your IT department. If it is from Bitwarden, click on Join Organization Now. If the invitation is from your IT department, follow the instructions they provided.

2. You will be taken to the Bitwarden web app. Enter your email address then click Use single sign-on to begin the login and account creation process.

3. Now you will be redirected to your SSO login (Azure/Okta/JumpCloud etc). Login with your SSO credentials. This is the password you use to log into other company tools, such as Outlook.

Note: If you are asked for an SSO Identifier, refer to your administrator’s instructions or contact your IT team for support.

Once completed, you will be asked if the device should be remembered. Be sure the box is checked and continue.

Now you will be redirected to your newly created Bitwarden account in the Bitwarden web app! Do not close it as the web app will be used to approve other logins.

At this point you are not yet a part of your company’s organization - your admin will need to confirm you. You will receive an email when this occurs.

Browser extension:

1. While you wait for confirmation, download the Bitwarden extension for your browser and install it, if it hasn’t already been installed for you by your IT department. You can find the Bitwarden browser extension in your browser’s extension/add-on store. Shortcuts are provided at bitwarden.com/download.

2. Once installed, open the extension (commonly found behind the puzzle piece icon in your browser) and log into it by entering your email address and selecting Use single sign-on.

3. You will be redirected to your SSO login. Enter your SSO credentials if prompted.

4. Bitwarden will ask you to approve the new login.

There are several options. Select Approve from your other device, which in this case will be the web app you are still logged into. Go back to the Bitwarden web app, navigate to Settings > Security > Devices, select the listed login attempt, and select Confirm access.

You're now logged into the extension!

Mobile app:

1. Download the Bitwarden mobile app to your phone from the Google Play Store or Apple App Store

2. Open the mobile app, enter your email address, and select Continue.

3. On the next screen, select Enterprise single sign-on.

4. You will be redirected to your SSO login. Enter your SSO credentials if prompted.

5. To self-approve the new login, in the Bitwarden web app, navigate to Settings > Security > Devices, select the login, and select Confirm access.

You’re now set up on mobile!

You’ll be able to use the Bitwarden mobile app to confirm new logins if you’re asked to do so in the future.

1. Pin the browser extension for easy access. The icon will show you if you are logged in or not (gray vs blue icon) and will display a counter if you have an item saved for the website you’re visiting.

2. Adjust timeout settings if available (your administrator may set these for you) for both the mobile app and extension. Understand the difference between locking the vault and logging out.

3. Set up biometric unlock for mobile app

4. Set up PIN unlock for the browser extension

5. Disable your browser’s built-in password manager.

That’s everything you need to create your account and log in for the first time! Now just wait to be confirmed into your organization and you can get started using Bitwarden to secure your passwords and other sensitive data.

For more resources, check out the Bitwarden Help Center guides and refer to your IT manager’s onboarding materials.