I was looking for clarifications based on licensing. I already sent a ticket to support but wanted to know if anybody experienced this before. I’ll post feedback as soon as I have so we’ll have some traceability here as well.
Let’s say I have a 10-seat Enterprise Organization license and wish to self-host. I have 10 individuals linked to that organization and they all benefit from premium features. Policies are enforced on those 10 individuals.
I get a request from an additional individual who simply wants to store its passwords, no need for sharing, collections or any other premium feature. Can they create a free account on my on-premise server without impacting the number of allocated seats set in my organization’s license? (meaning no additional cost)
Note: I already checked this discussion but didn’t get the answer I was looking for. It may help others though.
I believe this would indeed work as both Bitwarden’s SaaS cloud and the self-hosted option provide anyone the ability to sign up to a free account with limited features.
You can limit this by making your self-hosted instance not publicly accessible or perhaps with VPN only access
and/or
by disabling sign-ups if you chose with the configured environment variables.
Variable
Description
globalSettings__disableUserRegistration=
Specify true to disable new users signing up for an account on this instance via the Registration page.
I believe this post does answer this just a bit vague, as I understand the self-host and cloud versions of Bitwarden are very similar in nature with just slight differences.
With a self-hosted service, you should be able to sign up for an enterprise Organization with Bitwarden for the required number of licensed users connected to the Org and that will need sharing. Those users can be invited and will be able to create accounts on your self-hosted server, and will be connected to the enterprise Organization and will also have any Enterprise policies applied to them.
Being a member of the enterprise Organization these members would also have premium features extended into their personal Bitwarden vaults on your self-hosted server.
Any other employees or others not needing sharing capabilities should be able to sign up to your server without issue and create a free account.
I am not sure how the licensing for this would work though on an individual account if they could ultimately decide to purchase an individual premium license with Bitwarden, and then upload this to your self-hosted server to “activate” premium features for their free user without needing to be tied into the enterprise Organization.
That is if someone even decided to do that.
Many thanks for the detailed explanation. This was also my understanding regarding both Organization and premium individual features indeed.
In the meantime, here’s the feedback I received from support:
You have to pay for every individual attached to the Organization, therefore granting them premium features
You may have unlicensed (free) individuals without premium features if you activate user registration on the server (such as in the above reply). The number of free unprivileged accounts is not limited (as long as your server supports the load), but free accounts won’t be able to access the Organization data, nor share anything
When you would like to attach a free account to the Organization, you’d then have to pay for it (it takes one seat per user account), which is obvious
It is my understanding that purchasing an individual license and uploading it to the self-hosted server would work as well, if you so wish to. Documentation may help on that point (see licensing documentation). In fact, a self-hosted instance works pretty much the same as the SaaS solution, except you cannot buy licenses from there, which makes sense.
I hope this whole investigation and exchange will help others in need for clarifications, particularly businesses wanting to offer basic password management features as well as premium or business features such as policies, LDAP integration and collections.