Bitwarden Enterprise Password Manager Implementation Guide

Step 1: Administrator Training

Example special topics include, but are not limited to:

Considerations for self-hosted environments

Demonstrating the configured SSO login flow

Custom fields

Custom roles

Setting up Bitwarden two-step login (if not configured with the SSO IdP)

Internal training / managers

Bitwarden Learning

Personalized training sessions are also available upon request

Step 2: Team Member Training 

A general training session for end users will cover:

How to Import current passwords into Bitwarden

Bitwarden for all devices

Setting up the Bitwarden Browser Extension

Creating your account

Getting to know the Bitwarden vault

How to use the Bitwarden Password Manager

Bitwarden Send

All levels

Bitwarden Learning

Personalized training sessions are also available upon request

Step 3: Service desk training

Optional dedicated training session to set your service desk team up for success

Service desk, customer success leads

Ongoing Education

All users can take advantage of monthly new and updated learning content in the Bitwarden Learning Center

New users brought on after initial onboarding can take advantage of the live Bitwarden Weekly Demo and Q&A or watch a pre-recorded version

All levels

Bitwarden Learning

Bitwarden Live Weekly Demo

Bitwarden Demo for Teams and Enterprises

Step 1: Identify Organization Owner

Create a free user account on using the email intended for Organization ownership and administration. The Owner is the super-user that can control all aspects of your organization. Decide if you want the email to be associated with a specific user or a team inbox.

Note: If you’re being assisted by a Bitwarden representative, skip this step

Organization Owner

Step 2: Create Organization

Create a free Organization on Bitwarden Cloud at . This will be used for billing purposes even if self-hosted.

Note: If you’re being assisted by a Bitwarden representative, skip this step

Organization Owner

Organizations

Step 3: Configure Enterprise Policies

Best practice is to enable and configure all policies before user onboarding begins.

Note: Any Policies should be enabled prior to user invitation as not all policies are retroactive.

Organization Owners + Admins

Enterprise policies

Step 4: Select collection management settings

Choose how collections will behave in the organization. These settings allow for a spectrum of full admin control to completely self-serve where users can create their own collections. These settings can be used to establish a policy of least privilege.

Owner

Collection Management

Resource: Collections Management Settings

Step 5: Review and set up integrations

Visit the Integrations page in the Admin Console, set up desired integrations, such as Login with SSO.

Organization Owners + Admins

Resource: Choose the Right SSO Login Strategy

Step 6: Add additional administrators

Add Administrators to the Organization as needed. We also recommend configuring a second Owner for redundancy.

Organization Owners + Admins

User Management

Step 7: Create Collections for Administrators and users to share

Collections are where secure items are located that are shared with Groups of users. 

Organization Owners + Admins

Collections

Step 8: Create Groups for managing users

Creating Groups allows easy assignment of Collections. Please note: If you decide to sync Groups and users from your Identity Provider or Directory Service, you may need to reconfigure user and Group assignments later.

Organization Owners + Admins

Groups

Step 9: Assign Collections to Groups to begin sharing passwords

Assign Groups to Collections, making sure to test and demonstrate 'Read Only' and 'Hide Password' options.

Organization Owners + Admins

Member Roles and Permissions

Step 10: Add items to test Collections

Add items manually or import via CSV or JSON from another password management application.

Organization Owners + Admins

Import Data to Your Vault

Integration Engineer (Optional)

Assistance in further structuring the organization's policies, collections and groups.

Organization Owners + Admins

Collections

Groups

Step 1: Determine timeline for rollout to initial wave

Senior leadership / Security teams

Onboarding workflows

Step 2: Create internal messaging / memo about Bitwarden rollout

Check out Bitwarden tutorial videos on YouTube and the Bitwarden 101 video series in the  Learning Center.

Internal training / managers

Bitwarden on YouTube

Step 3: Leverage the Customer Activation Kit

Utilize the Customer Activation Kit to access ready-to-use marketing materials such as brand assets, one-pagers, and explainer videos. These resources can enhance your internal communications and support end-user activation.

Internal training / managers

Customer Activation Kit

Step 4: Communicate to internal leaders about Password Management policies

Internal leaders / Security teams

Step 5: Download and login to Bitwarden Client Applications

Download and implement Bitwarden client applications to confirm proper configuration for secure data sharing, and intended Enterprise Policies are working, and the onboarding function is successful.

Note: Some organizations will already have a policy in place to configure clients through device management software.

Note: Self-hosted users will need to set the client's environment:

All users

Install and Sync All of Your Devices

Step 6: Configure Directory Connector or SCIM to invite users

Begin the Directory Connector or SCIM integration provisioning to start inviting users to the organization 

Provide the script to bypass the user acceptance step that can be input within the CLI (optional).

Review secure offboarding procedure

Organization Owners + Admins

About SCIM

About Directory Connector

Step 7: User Account Migration 

Instruct users how to migrate from their current password manager to Bitwarden.

All Users 

Import Data to Your Vault

Step 8: Ask your users to disable their browser's built-in password manager

Built-in password managers for browsers are more vulnerable to security threats and can interfere with the Bitwarden experience.

All users

Disable a browser's built-in password manager

For larger customers, Bitwarden offers ongoing meetings with Customer Success Engagement Managers and Bitwarden executives

Assistance in any further deployment practices 

Q&A Sessions

Check In Meetings

Organization Owners + Admins + Internal leaders / Security teams

Collections

Groups

Ongoing: Billing support requests

Contact Support for expedited billing support assistance

Organization Owners

Bitwarden Help Center

Ongoing: Technical support requests

Contact Support for expedited technical support assistance

All users

Bitwarden Help Center

For larger customers, Bitwarden offers ongoing meetings with a Customer Success Engagement Manager and Bitwarden executives

Regular meetings with Customer Success Engagement Manager 

Periodic meetings with Bitwarden executives and product team 

Review feedback and feature requests from first two months of deployment

Organization owners, admins, project managers, service desk teams, and end users of larger enterprise customers