5.0 KiB
layout, title, categories, featured, popular, hidden, tags, order, description
| layout | title | categories | featured | popular | hidden | tags | order | description | |
|---|---|---|---|---|---|---|---|---|---|
| article | Provider Users |
|
false | false | false | 03 | This article will help you onboard users to your Bitwarden Provider who can administer client Organizations under your management. |
Onboard Provider Users
To ensure the secure administration of your Client Organizations, Bitwarden applies a 3-step process for onboarding a new Provider member, Invite → Accept → Confirm.
Invite
To invite users to your Provider:
-
Log in to the Web Vault and open your Provider.
-
Open the {% icon fa-sliders %} Manage tab and select People from the left-hand menu.
-
Select the {% icon fa-plus %} Invite User button:
{% image /providers/provider-adduser.png Invite Provider Users %}
-
On the Invite User panel:
- Enter the Email address where new users should receive their invites. You can add up to 20 users at a time by comma-separating email addresses.
- Select the User Type to be applied to this batch of users. User Type will determine what access these users will have to the Provider. Both User Types will be able to fully administer any Client Organization.
-
Click Save to invite the designated users to join the Provider.
{% callout info %} Invitations expire after 5 days, at which point the user will need to be re-invited. Re-invite users in bulk by selecting each user and using the {% icon fa-cog %} gear dropdown to Resend Invitations:
{% image /providers/provider-resend-invite.png Resend Invitations %} {% endcallout %}
Accept
Invited users will receive an email from Bitwaden inviting them to join the Provider. Clicking the link in the email will open a Bitwarden invitations window. Log In with an existing Bitwarden account or Create Account to accept the invitation:
{% image /providers/provider-accept-invite.png Email Invitation %}
Confirm
To confirm accepted invitations to your Provider:
-
Log in to the Web Vault and open your Provider.
-
Open the {% icon fa-sliders %} Manage tab and select People from the left-hand menu.
-
Select any
Acceptedusers and use the {% icon fa-cog %} gear dropdown to {% icon fa-check %} Confirm Selected:{% image /providers/provider-confirm.png Confirm Provider Users %}
-
On the panel that appears, verify that the fingerprint phrases for new users match those they can find in their Settings → My Account screen.
Each fingerprint phrase is unique to its account, and ensures a final layer of oversight in securely adding users. If they match, select Confirm.
Offboard Users
To remove users from your Provider:
-
Log in to the Web Vault and open your Provider.
-
Open the {% icon fa-sliders %} Manage tab and select People from the left-hand menu.
-
Select the users you want to remove from the Provider and use the {% icon fa-cog %} gear dropdown to {% icon fa-times %} Remove:
{% image /providers/provider-removeuser.png Remove Provider Users %}
Provider User Types
{% callout success %} Managing a Client Organization's users? Organizations have a set of User Types and Access Controls that are distinct from Provider User Types. {% endcallout %}
Bitwarden Provider Users can be granted one of two User Types to manage their access to the Provider. Both User Types will be able to fully administer any Client Organization. Bitwarden strongly recommends that you provision a second user with a Provider Admin role for failover purposes.
You can set User Types when you invite Provider users, or at any time from the Manage → People screen in your Provider Portal. User Types include:
| Role | Description |
|---|---|
| Service User | Service Users can access and manage all Client Organizations, including: - Access shared items stored in the Organization Vault - Add, edit, or remove items from all Collections - Create or delete Collections - Assign Users and User Groups to Collections - Assign Users to User Groups - Create or delete User Groups - Invite and confirm new users - Manage Enterprise Policies - View Event Logs - Export Organization Vault data - Manage Password Reset - Manage Billing, Subscription, and Integrations |
| Provider Admin | Provider Admins manage all aspects of the Provider and all Client Organizations. Provider admins can do all of the above, plus: - Create new Client Organizations - Add existing Organizations to the Provider - Invite and confirm new Service Users and Provider Admins - View Provider Event Logs - Edit Provider Settings |