Getting started as an enterprise administrator
Use your work or team email (ex. thomas@company.com) to create an account directly through the Bitwarden self-registration page or from your Organization's invitation email.
On the create your account screen, you will be prompted to set up a Master Password which you will use to access your vault. Be sure to store this somewhere securely as Bitwarden can not reset it for you. Use the Bitwarden Password Generator to help create a strong password or a memorable passphrase.
If you are the first administrator to create an account with Bitwarden, you will also need to create your Organization.
If your Organization has already been created, you will need to ask an owner or admin of your Organization to send you an invitation email.
As an administrator, you will be able to store items (logins, cards, identities, and secure notes) in both your personal vault and your Organization vault.
Invite your initial admins to your Organization. We have information about the pre-existing member roles as well as how to set up admin accounts with lesser privileges if the pre-existing roles don't fit your needs.
Your Organization vault allows your team to share items through Collections, while Groups allow you to manage user permissions for Collections at scale.
Bring your previously saved passwords from a wide variety of other password managers or those saved inside your browser. We have more information on our help site about importing data to your personal vault and your shared Organization vault.
Enterprise Organization admins and owners have the ability to set policies for their Organization. Some of the most commonly implemented policies are:
Setting minimum Master Password requirements
Setting minimum Password Generator requirements
Allowing admins and owners to reset user Master Passwords
Bitwarden allows integration with SAML 2.0 or OIDC. Within your Organization Settings, you will need to create a unique SSO Identifier for your Organization and Allow SSO Authentication. Implementation varies from provider-to-provider, but we have 10+ guides available.
Bitwarden offers both Directory Connector and SCIM to automatically provision users, groups, and group associations.
SCIM
System for cross-domain identity management (SCIM) can be used to automatically provision members and groups in your Bitwarden organization.
Bitwarden servers provide a SCIM endpoint that, with a valid SCIM API Key, will accept requests from your identity provider (IdP) for user and group provisioning and de-provisioning.
Bitwarden Directory Connector
The Bitwarden Directory Connector app automatically provisions users, groups, and group associations in your Bitwarden organization by pulling from a selection of source directory services. Provisioned users will be issued invitations to join the organization, and can subsequently complete the normal onboarding procedure. It can also be configured to remove users from your Bitwarden organization when they are disabled from the source directory.
