Bitwarden Learning

Getting started as an Enterprise admin

1. Create an Account and Master Password

Use your work or team email (ex. thomas@company.com) to create an account directly from your Organization's invitation email or through the Bitwarden self-registration page.

On the create your account screen, you will be prompted to set up a Master Password which you will use to access your vault. Be sure to store this somewhere securely as Bitwarden can not reset it for you. Use the Bitwarden Password Generator to help create a strong password or a memorable passphrase.

2. Create an Organization

If you are the first administrator to create an account with Bitwarden, you will also need to create your Organization.

If your Organization has already been created, you will need to ask an owner or admin of your Organization to send you an invitation email.

3. Get to know your vault

As an administrator, you will be able to store items (logins, cards, identities, and secure notes) in both your personal vault and your Organization vault.

4. Invite additional admins to your Organization

Invite your initial admins to your Organization. We have information about the pre-existing member roles as well as how to use custom roles if the exiting roles don't fit your needs.

5. Create Collections and Groups

Your Organization vault allows your team to share items through Collections, while Groups allow you to manage user permissions for Collections at scale.

6. Import your passwords

Bring your previously saved passwords from a wide variety of other password managers or those saved inside your browser. We have more information on our help site about importing data to your personal vault and your shared Organization vault.

7. Configure Enterprise Policies

Enterprise Organization admins and owners have the ability to set policies for their Organization. Some of the most commonly implemented policies are:

Optional Steps

Configure SSO

Set up SAML or OIDC Single sign-on

Bitwarden allows integration with SAML 2.0 or OIDC. Within your Organization Settings, you will need to create a unique SSO Identifier for your Organization and Allow SSO Authentication. Implementation varies from provider-to-provider, but we have over 10 guides available.

Verify your domain

In order to allow your users to automatically be taken to the login screen for your identity provider, you can verify your domain. This step is optional, but recommended.

Configure SCIM or Directory Connector for user and group provisioning

Bitwarden offers both Directory Connector and SCIM to automatically provision users, groups, and group associations.

SCIM

System for cross-domain identity management (SCIM) can be used to automatically provision members and groups in your Bitwarden organization.

Bitwarden servers provide a SCIM endpoint that, with a valid SCIM API Key, will accept requests from your identity provider (IdP) for user and group provisioning and de-provisioning.

Bitwarden Directory Connector

The Bitwarden Directory Connector app automatically provisions users, groups, and group associations in your Bitwarden organization by pulling from a selection of source directory services. Provisioned users will be issued invitations to join the organization, and can subsequently complete the normal onboarding procedure. It can also be configured to remove users from your Bitwarden organization when they are disabled from the source directory.

Let your users know about their Free Families Plan

All users of an Enterprise organization are provided with a complimentary Families plan that they can use to keep their personal data safe. We've created this email template to make it easier for you to let your end users know about this free benefit.

Back to Learning

Make a suggestion to this page


© 2024 Bitwarden, Inc. Terms Privacy Cookie Settings Sitemap

This site is available in English.
Go to EnglishStay Here