Bitwarden Learning

Getting started as an enterprise administrator


1. Create an Account and Master Password

Use your work or team email (ex. to create an account directly through the Bitwarden self-registration page or from your Organization's invitation email.

On the create your account screen, you will be prompted to set up a Master Password which you will use to access your vault. Be sure to store this somewhere securely as Bitwarden can not reset it for you. Use the Bitwarden Password Generator to help create a strong password or a memorable passphrase.

2. Create an Organization

If you are the first administrator to create an account with Bitwarden, you will also need to create your Organization.

If your Organization has already been created, you will need to ask an owner or admin of your Organization to send you an invitation email.

3. Get to know your vault

As an administrator, you will be able to store items (logins, cards, identities, and secure notes) in both your personal vault and your Organization vault.

4. Invite additional admins to your Organization

Invite your initial admins to your Organization. We have information about the pre-existing member roles as well as how to set up admin accounts with lesser privileges if the pre-existing roles don't fit your needs.

5. Create Collections and Groups

Your Organization vault allows your team to share items through Collections, while Groups allow you to manage user permissions for Collections at scale.

6. Import your passwords

Bring your previously saved passwords from a wide variety of other password managers or those saved inside your browser. We have more information on our help site about importing data to your personal vault and your shared Organization vault.

7. Configure Enterprise Policies

Enterprise Organization admins and owners have the ability to set policies for their Organization. Some of the most commonly implemented policies are:

8. Configure SSO

Bitwarden allows integration with SAML 2.0 or OIDC. Within your Organization Settings, you will need to create a unique SSO Identifier for your Organization and Allow SSO Authentication. Implementation varies from provider-to-provider, but we have 10+ guides available.

9. Invite your team by configuring SCIM or Directory Connector

Bitwarden offers both Directory Connector and SCIM to automatically provision users, groups, and group associations.


System for cross-domain identity management (SCIM) can be used to automatically provision members and groups in your Bitwarden organization.

Bitwarden servers provide a SCIM endpoint that, with a valid SCIM API Key, will accept requests from your identity provider (IdP) for user and group provisioning and de-provisioning.

Bitwarden Directory Connector

The Bitwarden Directory Connector app automatically provisions users, groups, and group associations in your Bitwarden organization by pulling from a selection of source directory services. Provisioned users will be issued invitations to join the organization, and can subsequently complete the normal onboarding procedure. It can also be configured to remove users from your Bitwarden organization when they are disabled from the source directory.

Back to Learning

Additional Resources

© 2023 Bitwarden, Inc.