Assign organisation permissions to a group

jberanek · October 6, 2022, 3:10pm

Feature name

Organisation permissions for groups

Feature function

It will allow permissions to be assigned to groups of users rather than only individual users, and therefore be much more scalable/manageable - especially for people using Directory Connector
Permissions will be easier to manage (in a bigger organisation)

Related topics + references

LastPass Enterprise allows permissions to be granted per shared folder (another feature request of mine) and by group.

dh024 · October 6, 2022, 3:24pm

Hi John - can you please clarify why the existing group management tools are insufficient?

jberanek · October 6, 2022, 3:27pm

As far as I can see, you cannot assign permissions to groups, only assign them access to collections.

cksapp · October 6, 2022, 3:43pm

Ahh so you mean more so user types and custom roles for groups in addition to the current group permissions for Org collection access.

I.e members of any “IT Support” group for a company may have the ability to be assigned a custom role to allow for password reset, and this permission is applied at the group level rather than having to be applied to each user.

I can definitely see how this could be beneficial for larger organizations and for scalability.
My rule of thumb is anything that goes beyond 2+ people should be dealt with in a security group etc.
Thanks for the clarification, +1

Brett · August 15, 2023, 1:05am

I was looking for this feature too. We are using Azure AD RBAC groups to control access to our systems internal and external. Have the ability to control Role Permissions via Azure AD groups would be a great feature in Bitwarden.