What are Collections?
Organizations control access to Organization-owned items by assigning users or Groups to Collections.
Organization-owned items must be included in at least one Collection.
For many Organizations, using Collections means adding a set of vault items and individually assigning users to that Collection. Some common methods for constructing scaleable Collections include Collections by Department (i.e. users from your Marketing Team are assigned to a Marketing Collection), or Collections by Function (i.e. users from your Marketing Team are assigned to a Social Media Collection):
Teams and Enterprise Organizations can also designate access to Collections based on user Groups, rather than individual users. Group-Collection associations provide a deeper level of access control and scalability to sharing resources. One common Group-Collection methodology is to create Groups by Department and Collections by Function, for example:
Other common methodologies include Collections by Vendor or System (i.e. users in an Engineering Group are assigned to a AWS Credentials Collection) and Groups by Locality (i.e. users are assigned to a US Employees Group or UK Employees Group).
Create a Collection
Creating a Collection, like many Organization management tasks, can only be done from the web vault.
Log in to your web vault and open your Organization.
Open the Manage tab and select the New Collection button:
Give your Collection a Name and, if you're a Teams or Enterprise Organization, assign Group Access to any existing Group.
The External Id field is only relevant if you're using Directory Connector.
Select Save to finish creating your Collection.
Collections can be "nested" to logically organize them within your Vault:
Nested Collections are for display-purposes only. They will not inherit items, access, or permissions from their "parent" Collection.
To create a nested Collection, follow the steps above, but give your Collections a Name that includes the "parent" name followed by a forward slash (
/) delimiter, for example
Collection 1/Collection 1a. If the "parent" Collection doesn't exist, the title will be displayed in-full.
Manage a Collection
You may find that you need to add or remove users from a Collection, or delete it entirely. Both of these can be done from the Manage → Collections view by hovering over the desired Collection and selecting the gear dropdown:
Deleting a Collection will not delete the Vault items included in it. When a Collection is deleted, Vault items will be moved to the Unassigned filter, accessible from the Organization Vault.
Move an item between Collections
Users with access to multiple Collections within your Organization can move a vault item from one Collection to another, or add a vault item to multiple Collections. Unlike creating a Collection, this can be done from any Bitwarden app: