Getting started as an Enterprise admin
Use your work or team email (ex. thomas@company.com) to create an account directly from your Organization's invitation email or through the Bitwarden self-registration page.
On the create your account screen, you will be prompted to set up a Master Password which you will use to access your vault. Be sure to store this somewhere securely as Bitwarden can not reset it for you. Use the Bitwarden Password Generator to help create a strong password or a memorable passphrase.
If you are the first administrator to create an account with Bitwarden, you will also need to create your Organization.
If your Organization has already been created, you will need to ask an owner or admin of your Organization to send you an invitation email.
As an administrator, you will be able to store items (logins, cards, identities, and secure notes) in both your personal vault and your Organization vault.
Invite your initial admins to your Organization. We have information about the pre-existing member roles as well as how to use custom roles if the exiting roles don't fit your needs.
Your Organization vault allows your team to share items through Collections, while Groups allow you to manage user permissions for Collections at scale.
Bring your previously saved passwords from a wide variety of other password managers or those saved inside your browser. We have more information on our help site about importing data to your personal vault and your shared Organization vault.
Enterprise Organization admins and owners have the ability to set policies for their Organization. Some of the most commonly implemented policies are:
Setting minimum Master Password requirements
Setting minimum Password Generator requirements
Allowing admins and owners to reset user Master Passwords
Set up SAML or OIDC Single sign-on
Bitwarden allows integration with SAML 2.0 or OIDC. Within your Organization Settings, you will need to create a unique SSO Identifier for your Organization and Allow SSO Authentication. Implementation varies from provider-to-provider, but we have over 10 guides available.
Verify your domain
In order to allow your users to automatically be taken to the login screen for your identity provider, you can verify your domain. This step is optional, but recommended.
Bitwarden offers both Directory Connector and SCIM to automatically provision users, groups, and group associations.
SCIM
System for cross-domain identity management (SCIM) can be used to automatically provision members and groups in your Bitwarden organization.
Bitwarden servers provide a SCIM endpoint that, with a valid SCIM API Key, will accept requests from your identity provider (IdP) for user and group provisioning and de-provisioning.
Bitwarden Directory Connector
The Bitwarden Directory Connector app automatically provisions users, groups, and group associations in your Bitwarden organization by pulling from a selection of source directory services. Provisioned users will be issued invitations to join the organization, and can subsequently complete the normal onboarding procedure. It can also be configured to remove users from your Bitwarden organization when they are disabled from the source directory.
All users of an Enterprise organization are provided with a complimentary Families plan that they can use to keep their personal data safe. We've created this email template to make it easier for you to let your end users know about this free benefit.