2021-08-18 Release Documentation (#708)

* Stage Providers (#691) * initial provider drafts * fix build errors * image overlays & alt-text * capitalize title * update /about-collections/ for providers * update /about-groups/ for provider users * updating 'sharing' for provider users * update /managing-users/ for provider users * provider - create org permissions fixes * update create org permissions * about-orgs compare to providers * temp remove pricing FAQ item * Update Staging w/ Latest (#695) * initial provider drafts * fix build errors * image overlays & alt-text * capitalize title * update /about-collections/ for providers * update /about-groups/ for provider users * updating 'sharing' for provider users * update /managing-users/ for provider users * provider - create org permissions fixes * update create org permissions * about-orgs compare to providers * temp remove pricing FAQ item * updates from cscharf & gtran review * updates from cscharf & gtran review * Update Staging w/ Latest Again (#696) * initial provider drafts * fix build errors * image overlays & alt-text * capitalize title * update /about-collections/ for providers * update /about-groups/ for provider users * updating 'sharing' for provider users * update /managing-users/ for provider users * provider - create org permissions fixes * update create org permissions * about-orgs compare to providers * temp remove pricing FAQ item * updates from cscharf & gtran review * updates from cscharf & gtran review * updates * Update Staging w/ Latest (#697) * initial provider drafts * fix build errors * image overlays & alt-text * capitalize title * update /about-collections/ for providers * update /about-groups/ for provider users * updating 'sharing' for provider users * update /managing-users/ for provider users * provider - create org permissions fixes * update create org permissions * about-orgs compare to providers * temp remove pricing FAQ item * updates from cscharf & gtran review * updates from cscharf & gtran review * updates * note on freeing up user seat * Update Staging w/ APR v1.0 (#698) * Update to Automatic Enrollment option * update for 'force change on login', image outstanding * reset via email updates, images outstanding * pre-release updates to admin pw reset * Update Staging w/ Latest (#699) * initial provider drafts * fix build errors * image overlays & alt-text * capitalize title * update /about-collections/ for providers * update /about-groups/ for provider users * updating 'sharing' for provider users * update /managing-users/ for provider users * provider - create org permissions fixes * update create org permissions * about-orgs compare to providers * temp remove pricing FAQ item * updates from cscharf & gtran review * updates from cscharf & gtran review * updates * note on freeing up user seat * Updates from recent product changes - title-cased buttons - access vault event + diagram in /article/providers/ * resolve conflict * Updating Staging w/ Latest (#701) * Update "share" -> "move" * resolve conflict * update /sharing/ refs * Update Staging w/ Latest (#702) * Bad link due to typo (#692) * release notes inital * update release notes and index.html to surface admin pw reset in popular articles Co-authored-by: Daniel Pedigo <dpedigo@gmail.com> * update diagram * additional FAQ items, edits from Gina, suggestion to provision 2nd Provider Admin * update CTA for signup * cli auth challenge draft (#706) * Update CLI doc for captcha error, rollback policies article * rollback pw reset article * rollback release notes * update move/share screenshots in provider content * update releasenotes date * faqs & feedback from rluibrand * redirect * resolve conflicts 1/3 * resolve conflicts 2/3 * test resolution for conflict * test resolution for conflict * hide deprecated articles & update links Co-authored-by: Daniel Pedigo <dpedigo@gmail.com>
2026-01-06 10:33:28 +00:00 · 2021-08-18 13:50:15 -04:00
parent b5c2c8e600
commit 25bc445da1
67 changed files with 734 additions and 159 deletions
--- a/_articles/organizations/about-collections.md
+++ b/_articles/organizations/about-collections.md
@@ -13,10 +13,10 @@ redirect_from:

 ## What are Collections?

-Collections gather together Logins, Notes, Cards, and Identities for [secure sharing]({{site.baseurl}}/article/share-to-a-collection/) within an Organization. Think of Collections as Organization-equivalents to the [Folders]({{site.baseurl}}/article/folders/) used to organize a Personal Vault, with a few key differences:
+Collections gather together Logins, Notes, Cards, and Identities for [secure sharing]({{site.baseurl}}/article/sharing/) from an Organization. Think of Collections as Organization-equivalents to the [Folders]({{site.baseurl}}/article/folders/) used to organize a Personal Vault, with a few key differences:

- Organizations control access to shared items by assigning users or [Groups]({{site.baseurl}}/article/about-groups/) to Collections.
- Shared items **must** be included in at least one Collection.
+- Organizations control access to Organization-owned items by assigning users or [Groups]({{site.baseurl}}/article/about-groups/) to Collections.
+- Organization-owned items **must** be included in at least one Collection.

 ### Using Collections

@@ -32,7 +32,7 @@ Other common methodologies include **Collections by Vendor or System** (i.e. use

 ## Create a Collection

-Users with the [Manager role (or higher)]({{site.baseurl}}/article/user-types-access-control/) can create and manage Collections. To create a Collection:
+Organization [Managers (or higher)]({{site.baseurl}}/article/user-types-access-control/) and [Provider Users]({{site.baseurl}}/article/provider-users/provider-user-types) can create and manage Collections. To create a Collection:

 1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"} and open your Organization.
 2. Open the **Manage** tab and select the {% icon fa-plus %} **New Collection** button:
--- a/_articles/organizations/about-groups.md
+++ b/_articles/organizations/about-groups.md
@@ -29,7 +29,7 @@ Other common methodologies include **Collections by Vendor or System** (i.e. use

 ## Create a Group

-Users with the [Admin role (or higher)]({{site.baseurl}}/article/user-types-access-control/#user-types) can create and manage Groups. To create a Group:
+Organization [Admins (or higher)]({{site.baseurl}}/article/user-types-access-control/#user-types) and [Provider Users]({{site.baseurl}}/article/provider-users/provider-user-types) can create and manage Groups. To create a Group:

 1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"} and open your Organization.
 2. Open the **Manage** tab and select **Groups** from the left-hand menu.
--- a/_articles/organizations/about-organizations.md
+++ b/_articles/organizations/about-organizations.md
@@ -13,13 +13,13 @@ redirect_from:

 ## What are Organizations?

-Organizations relate Bitwarden users and Vault items together for [secure sharing]({{site.baseurl}}/article/share-to-a-collection/) of Logins, Notes, Cards, and Identities. Organizations have a unique Vault, where [administrators]({{site.baseurl}}/article/user-types-access-control/) can manage the Organization's items, users, and settings:
+Organizations relate Bitwarden users and Vault items together for [secure sharing]({{site.baseurl}}/article/sharing/) of Logins, Notes, Cards, and Identities. Organizations have a unique Vault, where [administrators]({{site.baseurl}}/article/user-types-access-control/) can manage the Organization's items, users, and settings:

 {% image organizations/org-vault-admin.png Organization Vault %}

-Members of an Organization will find shared items ({% icon fa-share-alt %}) in their **My Vault** view alongside personal items, as well as filters for assigned [Collections]({{site.baseurl}}/article/about-collections/), which group Organization items similarly to how [Folders]({{site.baseurl}}/article/folders/) organize personal items:
+Members of an Organization will find shared items ({% icon fa-cube%}) in their **My Vault** view alongside personal items, as well as filters for assigned [Collections]({{site.baseurl}}/article/about-collections/), which group Organization items similarly to how [Folders]({{site.baseurl}}/article/folders/) organize personal items:

-{% image organizations/shared-items.png Access shared items %}
+{% image organizations/personal-vault-org-enabled.png Access shared items %}

 ### Types of Organizations

@@ -34,10 +34,14 @@ Bitwarden offers a variety of types of Organizations to meet your business's or

 ### Comparing Organizations with Premium

-The key thing to know is that **Organizations unlock access to secure sharing** between users. [Premium Individual plans]({{site.baseurl}}/article/about-bitwarden-plans/#premium-individual) unlock premium password security and management features, including advanced 2FA options, the Bitwarden Authenticator (TOTP), encrypted file attachments, and more, but Premium Individual **does not include secure data sharing.**
+The key thing to know is that Organizations enable **secure sharing from Organizations to users**. [Premium Individual plans]({{site.baseurl}}/article/about-bitwarden-plans/#premium-individual) unlock premium password security and management features, including advanced 2FA options, the Bitwarden Authenticator (TOTP), encrypted file attachments, and more, but Premium Individual **does not include secure data sharing.**

 Paid Organizations (Families, Teams, or Enterprise) automatically include those premium features (advanced 2FA options, Bitwarden Authenticator (TOTP), etc.) for **every** user enrolled in the Organization.

+### Comparing Organizations with Providers
+
+[Providers]({{site.baseurl}}/article/providers) are Vault-administration entities that allow businesses like Managed Service Providers (MSPs) to quickly create and administer **multiple Bitwarden Organizations** on behalf of business customers.
+
 ## Create an Organization

 Organizations are created and managed from the [Web Vault](https://vault.bitwarden.com){:target="\_blank"}. If you're new to Bitwarden, [create an account](https://vault.bitwarden.com/#/register){:target="\_blank"} before you start your Organization, then proceed with these instructions:
@@ -60,4 +64,4 @@ Organizations are created and managed from the [Web Vault](https://vault.bitward

   {% callout success %}New Families, Teams, and Enterprise Organization have a 7 day free trial built in! We won't charge you until your trial is over, and you can cancel your subscription at any time from the Organization **Settings** tab.{% endcallout %}

-Once you've created your Organization, create a [collection]({{site.baseurl}}/article/about-collections/), [invite users]({{site.baseurl}}/article/managing-users/), and [start sharing]({{site.baseurl}}/article/share-to-a-collection).
+Once you've created your Organization, create a [collection]({{site.baseurl}}/article/about-collections/), [invite users]({{site.baseurl}}/article/managing-users/), and [start sharing]({{site.baseurl}}/article/sharing).
--- a/_articles/organizations/deploying-bitwarden-as-a-msp.md
+++ b/_articles/organizations/deploying-bitwarden-as-a-msp.md
@@ -4,7 +4,7 @@ title: Deploying Bitwarden as an MSP
 categories: [organizations]
 featured: false
 popular: false
-hidden: false
+hidden: true
 tags: [MSPs, Organizations, Collections, Groups]
 order: 16
 ---
--- a/_articles/organizations/event-logs.md
+++ b/_articles/organizations/event-logs.md
@@ -86,6 +86,12 @@ https://github.com/bitwarden/web/blob/master/src/app/services/event.service.ts
 https://github.com/bitwarden/web/blob/master/src/locales/en/messages.json
 {% endcomment %}

+### Provider Events
+
+When any of the above events is executed by a member of an [administering Provider]({{site.baseurl}}/article/providers/), the **User** column will record the name of the Provider. Additionally, a Provider-specific event will record whenever a member of an administering Provider accesses your Organization Vault:
+
+`IMAGE PLACEHOLDER`
+
 ## Export Events

 Exporting event logs will create a `.csv` of all events within the specified date range:
--- a/_articles/organizations/how-to-manage-collections.md
+++ b/_articles/organizations/how-to-manage-collections.md
@@ -1,98 +0,0 @@
---
-layout: article
-title: Collections & Groups Best Practices
-categories: []
-featured: true
-popular: false
-tags: [collections, groups, access control]
-order:
---
-
-As your organization’s use of Bitwarden grows, it helps to have users who can manage collections independently, without requiring access to everything within the organizational vault.
-
-Managing collections and groups is a simple way to separate, grant, or limit access to vault items in Bitwarden, thereby controlling user visibility of resources.
-
-A complete list of roles and access control can be seen in the help note  [User Types and Access Control](https://bitwarden.com/help/article/user-types-access-control/), and a table is at the end of this post.
-
-We will review the **Manager** use case and the capabilities that role has in creating and managing collections.
-
-Before addressing collection management, let’s review **Collections**, **Groups**, and **Folders** within Bitwarden:
-
- A **Collection** within Bitwarden is a set of related items, such as login credentials, shared within an organization’s vault.  The items are grouped together according to whatever classification structure the organization administrator chooses -- for example by department such as sales or operations, or type of account such as shipping, ecommerce, or social media. You can think of a collection as analogous to a folder, but for organizational items
- A **Group** within Bitwarden is a set of authorized Bitwarden users -- in a business this could be Marketing, Sales, or Operations. Groups are available in Bitwarden Enterprise
- For reference, a **Folder** is a set of items within a personal vault the same way that a **Collection** is a set of items in an organization vault. Folders are not part of this article on **Collections**
-
-## The Manager Role within Bitwarden
-When a user is granted a Manager role by an organization Admin or Owner, they are given access to manage the collections of which they are a part.  The Manager role has fewer permissions than that Owner or Admin roles.
-
-In this example, our user is a manager of the following collections. Each of these collections represents numerous shared items.
-
- Customer Success
- Employees
- IT
- Marketing
- Sales
-
-And this user can create a **New Collection** via the button on the top right
-
-{% image collections/bitwarden-collections-manage.png %}
-
-##  Adding New Collections and Groups
-After clicking **New Collection**, the user is prompted to enter the Name and External ID.
-
-From there the Manager of the collection can assign groups to the newly created collection.
-
-{% callout info %}
-Groups are available in Bitwarden Enterprise
-{% endcallout % }
-
-{% image collections/bitwarden-collections-add-new.png %}
-
-For each Group added, additional options such as Hide Passwords and Read Only are available.
-
-**Read Only**
-Selecting this option will prevent users assigned to this collection from adding new items, and editing or deleting existing items.
-
-**Hide Passwords**
-This option hides passwords, TOTP seeds, and any custom fields of type hidden in this collection. This also disables the ability for an end-user to copy a password. In this configuration, an item may only be used with auto-fill.
-
-{% callout warning %}
-Enabling hidden passwords prevents the easy copy and paste of hidden items, however it does not completely prevent user access to this information. Please treat hidden passwords as you would any shared credential.
-{% endcallout %}
-
-### Adding items to a Collection
-When residing within the view of a collection in the web vault, new items will be saved within the collection.
-
-Items within a personal vault can be shared with a collection as well. Simply click on the **Settings** icon in the web vault, or edit the item in the browser extension to share it with the appropriate collection.
-
-**Unsharing items from a Collection**
-
-Once an item has been shared with an organizational vault, it cannot be unshared back to a personal vault in a single step. This is an intentional design. Users must consider any item shared as being available for all authorized users until that item is both unshared AND the password is changed.
-
-The recommended procedure to unshare an item is:
-
- Clone the item in the organization vault
-	- Collection Owners or Admins can share back to their personal vaults
-	- Collection Managers can share within a private collection
- Delete the original organizational item
- Change the password on the cloned item now in a private collection
-
-## Adding Individuals to a Collection
-Managers can also add individual users to collections via the **Settings** icon next to a created collection.
-
-
-{% image collections/bitwarden-collections-settings-add-users.png %}
-
-After selecting the Users option, a list of individuals within the organization will appear.
-
-{% image collections/bitwarden-collections-add-users.png %}
-
-With these capabilities in place, individual employees empowered as Managers will be able to create their own new collections, and add groups and users to those collections. They also have the ability to manage collections created by another manager.
-
-{% callout info %}
-Managers do not have access to change the composition of Groups. For that access, Admin or Owner roles are required. For example, if a Manager creates a collection of **Design Services** and adds the **Marketing** group to have access, and a user is removed from the Marketing group by the Admin, then that user will no longer have access to the Design Services collection.
-{% endcallout %}
-
-### Table of User Roles and Access
-
-{% image collections/user-roles-access-control-table.png %}
--- a/_articles/organizations/managing-users.md
+++ b/_articles/organizations/managing-users.md
@@ -10,10 +10,10 @@ order: 05

 ## Manage User Seats

-Bitwarden [Teams and Enterprise Organizations]({{site.baseurl}}/article/about-organizations/#types-of-organizations) allow you to add or remove user seats on-the-fly to best fit your business's needs. Only the [Organization Owner]({{site.baseurl}}/article/user-types-access-control/#user-types) can add and remove seats, as this directly affects your billing.
+Bitwarden [Teams and Enterprise Organizations]({{site.baseurl}}/article/about-organizations/#types-of-organizations) allow you to add or remove user seats on-the-fly to best fit your business's needs. Only an [Organization Owner]({{site.baseurl}}/article/user-types-access-control/#user-types) or [Provider Service User]({{site.baseurl}}/article/provider-users/#provider-user-types) can add and remove seats, as this directly affects billing.

 {% callout info %}
-If you have a [Free or Families Organization]({{site.baseurl}}/article/about-organizations/#types-of-organizations), your user seats are pre-loaded and fixed at 2 and 6, respectively. Proceed to [Onboard Users](#onboard-users).
+If you have a [Free or Families Organization]({{site.baseurl}}/article/about-organizations/#types-of-organizations), your user seats are pre-loaded and fixed at 2 and 6, respectively.
 {% endcallout %}

 ### Add Seats
--- a/_articles/organizations/onboarding-and-succession.md
+++ b/_articles/organizations/onboarding-and-succession.md
@@ -81,7 +81,7 @@ Once created, you'll land in your Organization Vault, which is the central hub f

 Bitwarden Organizations manage users and data in a scalable and secure fashion. Managing users and data on an individual basis is inefficient for large businesses and can leave room for error. To solve this, Organizations provide Collections and [Groups](#groups).

-**Collections** gather together Logins, Notes, Cards, and Identities for [secure sharing]({{site.baseurl}}/article/share-to-a-collection/) within an Organization:
+**Collections** gather together Logins, Notes, Cards, and Identities for [secure sharing]({{site.baseurl}}/article/sharing/) within an Organization:

 {% image organizations/collections-graphic-1.png Using Collections %}

--- a/_articles/organizations/share-to-a-collection.md
+++ b/_articles/organizations/share-to-a-collection.md
@@ -4,7 +4,7 @@ title: Sharing
 categories: [organizations]
 featured: false
 popular: false
-hidden: false
+hidden: true
 tags: [sharing, how to]
 order: 04
 ---
--- a/_articles/organizations/sharing.md
+++ b/_articles/organizations/sharing.md
@@ -0,0 +1,94 @@
+---
+layout: article
+title: Sharing
+categories: [organizations]
+featured: false
+popular: false
+hidden: false
+tags: [sharing, how to]
+order: 04
+redirect_from:
+  - /article/share-to-a-collection/
+---
+
+{% callout info %}
+In order to share items you need to be a member of an Organization. Learn more about [Organizations]({% link _articles/organizations/about-organizations.md %}) or learn how to [start your own two-person Organization]({{site.baseurl}}/article/getting-started-organizations/).
+{% endcallout %}
+
+Sharing items with Bitwarden means moving them into an Organization and Collection, a structure used to gather together Logins, Notes, Cards, and Identities for access by multiple users. There are a few different ways you can create Organization items for sharing:
+
+## Move an Item to an Organization
+
+Organization members can move items to any assigned Collection(s) unless they're given [**Read Only** access]({% link _articles/organizations/user-types-access-control.md %}) to that Collection. Items can only be moved to Organizations **from the Web Vault**:
+
+1. Hover over the item you want to share and select the {% icon fa-cog %} gear dropdown:
+
+   {% image /organizations/share-from-vault-overlay.png Select the gear dropdown %}
+
+2. From the dropdown, select the {% icon fa-arrow-circle-o-right %} **Move to Organization** option.
+3. On the **Move to Organization** screen:
+
+   - Choose the **Organization** to share this item with.
+   - Select one or more **Collections** to share this item into. You must select _at least_ one Collection.
+
+4. Click **Save** to finishing moving this item for sharing.
+
+Moving an item to an Organization **will transfer ownership to the Organization**. This means that anyone with permission can alter the item or delete it, which would remove it from your Vault as well. You can tell that an item is shared when it has the {% icon fa-cube %} **Shared** icon next to its name:
+
+{% image /organizations/collection-shared-item.png Shared Item icon %}
+
+## Create an Organization Item
+
+Organization members can create new items directly for any assigned Collection(s) unless they're given [**Read Only** access](https://bitwarden.com/help/article/user-types-access-control/) to that Collection. Shared items can only be created **from the Web Vault**, either in your My Vault view or in the Organization view:
+
+<ul class="nav nav-tabs" id="myTab" role="tablist">
+  <li class="nav-item" role="presentation">
+    <a class="nav-link active" id="pertab" data-bs-toggle="tab" data-target="#personal" role="tab" aria-controls="pertab" aria-selected="true">My Vault View</a>
+  </li>
+  <li class="nav-item" role="presentation">
+    <a class="nav-link" id="orgtab" data-bs-toggle="tab" data-target="#organization" role="tab" aria-controls="orgtab" aria-selected="false">Organization View</a>
+  </li>
+</ul>
+<div class="tab-content" id="clientsContent">
+  <div class="tab-pane show active" id="personal" role="tabpanel" aria-labelledby="pertab">
+{% capture personal %}
+
+#### From the My Vault view
+
+To create a new shared item:
+
+1. On the {% icon fa-lock %} **My Vault** page, select the {% icon fa-plus %} **Add Item** button.
+2. Fill in all the relevant information for the new Vault item.
+3. In the **Ownership** section at the bottom of the Add Item panel, choose the Organization you want to share this item with.
+4. Select one or more **Collections** to share this item into. You must select _at least_ one Collection.
+5. Select the **Save** button to finishing creating the shared item.
+
+Creating a shared item **will set ownership to the Organization**. This means that anyone with permission can alter the item or delete it, which would remove it from your Vault as well. You can tell that an item is shared when it has the {% icon fa-cube %} **Shared** icon next to its name:
+
+{% image /organizations/collection-shared-item.png Shared Item icon %}
+
+{% endcapture %}
+{{ personal | markdownify }}
+
+  </div>
+  <div class="tab-pane" id="organization" role="tabpanel" aria-labelledby="orgtab">
+{% capture organization %}
+
+#### From the Organization view
+
+To create a new shared item:
+
+1. On your Organization's {% icon fa-lock %} **Vault** tab, select the {% icon fa-plus %} **Add Item** button.
+2. Fill in all the relevant information for the new Vault item.
+3. The Ownership of the item is automatically set to the Organization when you use this method, so all you need to do is select one or more **Collections** to share this item into. You must select _at least_ one Collection.
+4. Select the **Save** button to finishing creating the shared item.
+
+Creating a shared item or sharing an item **will set ownership to the Organization**. This means that anyone with permission can alter the item or delete it, which would remove it from your Vault as well. You can tell that an item is shared when it has the {% icon fa-cube %} **Shared** icon next to its name:
+
+{% image /organizations/collection-shared-item.png Shared Item icon %}
+
+{% endcapture %}
+{{ organization | markdownify }}
+
+  </div>
+</div>