Bitwarden for Enterprise Features Datasheet
This document describes and references the features available to Bitwarden Enterprise Organizations in several categories:
Application Range and Ease-of-use
Cloud, Private Cloud, and Self-hosted.
Fully encrypted cloud web app at https://vault.bitwarden.com, or on your self-hosted server
Mobile Apps (with Mobile Login Controls)
Available for iOS and Android. Learn more.
Available for Chrome, Firefox, Opera, Edge, Vivaldi, Brave, Tor, and Safari. Learn more.
Available for Windows, Mac, and Linux. Learn more.
Available for Windows, Mac, and Linux. Learn More.
Administrative Features and Capabilities
Simple User Management
Add or remove seats and onboard or offboard users directly from the Web Vault. Learn more.
Role Based Access Control
Assign role-based access for Organization users, including a custom role and granular permissions (e.g. Hide Passwords, Read-Only). Learn more.
Synchronize your Bitwarden Organization with your existing user directory. Provision and deprovision users, groups, and group associations. Learn more.
Use the SCIM protocol to manage and provision Bitwarden users, groups, and group associations from your Identity Provider or directory service for easy onboarding and employee succession. Learn more.
Admin Password Reset
Designated administrators can reset Master Password of end-user accounts if an employee loses or forgets their Master Password. Learn more.
Enforce security rules for all users, for example mandating use of Two-step Login. Learn more.
Temporary Password Sharing and Generation
Create and share ephemeral data using Bitwarden Send. Learn more.
Complimentary Families Plan for Users
All enterprise users receive a complimentary family plan for personal use to practice good security habits outside of the workplace. Learn more.
Vault Health Reports
Run reports for Exposed Passwords, Reused Passwords, Weak Passwords, and more. Learn more.
Data Breach Reports
Run reports for data compromised in known breaches (e.g. Email Addresses, Passwords, Credit Cards, DoB, etc.). Learn more.
Get time stamped records of events that occur within your Organization Vault for easy use in the Web Vault or ingestion by other systems. Learn more.
2FA for Individuals
A robust set of 2FA options for any Bitwarden user. Learn more.
2FA at Organization-level
Enable 2FA via Duo for your entire Organization. Learn more.
Login with SSO
Leverage your existing Identity Provider to authenticate your Bitwarden Organization users via SAML 2.0 or OpenID Connect (OIDC). Learn more.
Secure storage for Logins, Notes, Cards, and Identities
Bitwarden Vault items are encrypted before being stored anywhere. Learn more.
Zero Knowledge Encryption
All Vault data is end-to-end encrypted. Learn more.
Secure Username and Password Generator
Generate secure, random, and unique credentials for every Vault item. Available on web and in-app. Learn more.
Download encrypted exports for secure storage of Vault data backups. Learn more.
Users can designate and manage trusted emergency contacts, who may request access to their Vault in case of emergency. Learn more.
Account Fingerprint Phrase
Security measure that uniquely and securely identifies a Bitwarden user account when encryption-related or onboarding operations are performed. Learn more.
See our full list of subprocessors: Bitwarden Subprocessors.
Compliance, Audits, Certifications
SOC 2 Type II and SOC 3
Security and Compliance Assessments
Bitwarden invests in annual third party audits, security assessments, and other compliance standards. All reports are available on the Bitwarden compliance page.
GDPR, CCPA, HIPAA, & Privacy Shield
Performed by unit tests and QA engineers.
Performed via automation and manual testing.
Bug Bounty Program
Conducted through HackerOne. Learn more.
APIs and Extensibility
Public and Private APIs for Organizations. Learn more.
Command Line Interface
Fully featured and self-documented command-line tool. Learn more.
Automate workflows by combining API and CLI.
Local Cache & Offline Access