Start a Client Organization

Category: Provider Portal
On this page:

    This article will walk you through the creation of a Client Organization and outline a typical setup procedure for getting started administering a customer’s Organization.

    Create a Client Organization


    Already have an Organization setup for your customer? You can add an existing Organization to the Provider Portal.

    To create a Client Organization you must be a Provider Admin:

    1. Navigate to the Provider Portal and select the New Client Organization button:

      Create a Client Organization
      Create a Client Organization
    2. On the New Client Organization screen, enter an Organization Name, Billing Email, and Client Owner Email.


      An invitation will automatically be sent to the Client Owner Email to join the Organization as an Owner.

    3. From the Choose Your Plan list, select the type of Organization to create.


      Teams and Enterprise Organizations include premium features for all enrolled users.

    4. Set the following options for the Organization:

      • User Seats: Specify the number of User Seats you need for the Client Organization. You can always add more seats later.
      • Additional Storage (GB): Organizations come with 1GB of encrypted storage for attachments. Add additional storage for $0.33 per GB per month.
      • Billing Cadence: Choose whether you’d like to be billed for this Organization Annually or Monthly.
    5. Once you’re happy with the Organization, enter your Payment Information and select Submit.
    6. Select Submit to finishing creating the Organization.

    Once created, navigating to the Client Organization from the Provider Portal will bring you to the Organization Vault, from which you can fully complete initial setup and engage in ongoing administration:

    Client Organization Vault
    Client Organization Vault

    Initial Setup Procedure

    With your newly-created Client Organization, you’re ready to start building the perfect solution for your customer. Exact setup will be different for each Client Organization depending on your customers’ needs, but typically will involve the following steps:

    1. Create Collections. A good first step is to create a set of Collections, which provide an organizing structure for the Vault items you’ll add to the Vault in the next step.

      Common Collections patterns include Collections by Department (i.e. users in the client’s Marketing Team are assigned to a Marketing Collection) or Collections by Function (i.e. users from the client’s Marketing Team are assigned to a Social Media Collection):

    2. Populate the Organization Vault. Once the structure of how you’ll store Vault items is in place, you can begin populating the Organization with your client’s Logins, Notes, Cards, and Identities.

    3. Configure Enterprise Policies. Before beginning the user management portion of setup, configure Enterprise Policies in order to set rules-of-use for things like Master Password complexity, use of Two-step Login, and Admin Password Reset.


      Enterprise Policies are only available to Enterprise Organizations.

    4. Setup Login with SSO. If your customer uses Single Sign-On (SSO) to authenticate with other applications, connect Bitwarden with their IdP to allow authentication with Bitwarden using end-users’ SSO credentials.
    5. Create User Groups. For Teams and Enterprise Organizations, create a set of Groups for scalable permissions assignment. When you start adding users, add them to Groups to have each user automatically inherit the Group’s configured permissions (e.g. access to which Collections).

      One common Group-Collection pattern is to create Groups by Department and Collections by Function, for example:

    6. Start Inviting Users. Now that the infrastructure for securely and scalably sharing credentials is in place for your client, you can begin inviting users to the Organization. To ensure the security of the Organization, Bitwarden applies a 3-step process for onboarding new users, Invite → Accept → Confirm.


      If your customer uses directory service (Active Directory, an LDAP, Okta, etc.), use Directory Connector to automatically sync Organization users from the source directory and automatically issue invitations.