Bitwarden for Enterprise Features Datasheet

This document describes and references the features available to Bitwarden Enterprise Organizations in several categories:

Application Range and Ease-of-use

Enterprise Features Description
Deployment Options Cloud, Private Cloud, and Self-hosted.
Web Application Fully encrypted cloud web app at, or on your self-hosted server
Mobile Apps (with Mobile Login Controls) Available for iOS and Android. Learn more.
Browser Extensions Available for Chrome, Firefox, Opera, Edge, Vivaldi, Brave, Tor, and Safari. Learn more.
Desktop Applications Available for Windows, Mac, and Linux. Learn more.
Command-line Interface Available for Windows, Mac, and Linux. Learn More.

Administrative Features and Capabilities

Enterprise Features Description
Simple User Management Add or remove seats and onboard or offboard users directly from the Web Vault. Learn more.
Role Based Access Control Assign role-based access for Organization users, including a custom role and granular permissions (e.g. Hide Passwords, Read-Only). Learn more.
Directory Sync Synchronize your Bitwarden Organization with your existing user directory. Provision and deprovision users, groups, and group associations. Learn more.
SCIM Support Use the SCIM protocol to manage and provision Bitwarden users, groups, and group associations from your Identity Provider or directory service for easy onboarding and employee succession. Learn more.
Admin Password Reset Designated administrators can reset Master Password of end-user accounts if an employee loses or forgets their Master Password. Learn more.
Enterprise Policies Enforce security rules for all users, for example mandating use of Two-step Login. Learn more.
Temporary Password Sharing and Generation Create and share ephemeral data using Bitwarden Send. Learn more.
Complimentary Families Plan for Users All enterprise users receive a complimentary family plan for personal use to practice good security habits outside of the workplace. Learn more.


Enterprise Features Description
Vault Health Reports Run reports for Exposed Passwords, Reused Passwords, Weak Passwords, and more. Learn more.
Data Breach Reports Run reports for data compromised in known breaches (e.g. Email Addresses, Passwords, Credit Cards, DoB, etc.). Learn more.
Event Logs Get time stamped records of events that occur within your Organization Vault for easy use in the Web Vault or ingestion by other systems. Learn more.


Enterprise Features Description
2FA for Individuals A robust set of 2FA options for any Bitwarden user. Learn more.
2FA at Organization-level Enable 2FA via Duo for your entire Organization. Learn more.
Biometric Authentication Available for:
-Android (fingerprint unlock or face unlock) and iOS (Touch ID and Face ID)
-Windows Desktop Apps (Windows Hello using PIN, Facial Recognition, and more) and macOS Desktop Apps (Touch ID)
-Chromium-based browsers, Firefox 87+, and Safari Browser Extensions

Learn more.
Login with SSO Leverage your existing Identity Provider to authenticate your Bitwarden Organization users via SAML 2.0 or OpenID Connect (OIDC). Learn more.

Using Login with SSO, you can use one of two decryption options to determine how users decrypt Vault data once authenticated. Learn more.


Enterprise Features Description
Secure storage for Logins, Notes, Cards, and Identities Bitwarden Vault items are encrypted before being stored anywhere. Learn more.
Zero Knowledge Encryption All Vault data is end-to-end encrypted. Learn more.
Secure Username and Password Generator Generate secure, random, and unique credentials for every Vault item. Available on web and in-app. Learn more.
Encrypted Export Download encrypted exports for secure storage of Vault data backups. Learn more.
Biometric Authentication Available for:
-Android (fingerprint unlock or face unlock) and iOS (Touch ID and Face ID)
-Windows Desktop Apps (Windows Hello using PIN, Facial Recognition, and more) and macOS Desktop Apps (Touch ID)
-Chromium-based browsers, Firefox 87+, and Safari Browser Extensions

Learn more.
Emergency Access Users can designate and manage trusted emergency contacts, who may request access to their Vault in case of emergency. Learn more.
Account Fingerprint Phrase Security measure that uniquely and securely identifies a Bitwarden user account when encryption-related or onboarding operations are performed. Learn more.
Subprocessors See our full list of subprocessors: Bitwarden Subprocessors.

Compliance, Audits, Certifications

Enterprise Features Description
SOC 2 Type II and SOC 3 Read about our SOC Certifications.
Security and Compliance Assessments Bitwarden invests in annual third party audits, security assessments, and other compliance standards. All reports are available on the Bitwarden compliance page.
GDPR, CCPA, HIPAA, & Privacy Shield Read about our compliance with various privacy frameworks.
White-box Testing Performed by unit tests and QA engineers.
Black-box Testing Performed via automation and manual testing.
Bug Bounty Program Conducted through HackerOne. Learn more.

APIs and Extensibility

Enterprise Features Description
Programmatically Accessible Public and Private APIs for Organizations. Learn more.
Command Line Interface Fully featured and self-documented command-line tool. Learn more
Extensibility Support Automate workflows by combining API and CLI.


Enterprise Features Description
Local Cache & Offline Access Learn more.

© 2022 Bitwarden, Inc.