Testing this for enterprise deployment, bitwarden is more user centric, needs business administration features for legal reasons.
- Access control via AD with groups. (example, users in the Bitwarden group only can login)
- Login access AD with the ability to lock accounts for terminated users.
- Organizations should be controlled by Administrator portal, with managers to give access to users, not a json file that can be leaked.
- Disable export features on users.
- The ability for Admin to take over accounts for password recovery.
- Customized Legal Announcement to let the user know this is administrated and passwords are legally owned by the company, not for personal use.
- Turn off “buying” premium options for enterprise accounts, premium options should be controlled by Admin panel.
- Control access to features in Admin panel.
- Disable cloud for email domain for enterprise customers with a note to contact their company IT for an account. (Same as Azure)
Probably more, user centric features need to be taken over by IT Administration, with ownership of passwords and account access features.