In our Organization our Bitwarden Org account is used globally so we have different service desks around the world. We would like the ability to assign a smart group to each user to highlight which country they are apart of which is possible currently but we would like to give the availability to service desk colleagues to recover passwords to user accounts within the same smart group.
For e.g. UK Service Desk user account would have a UK smart group assigned to their account and they would be able to recover an account master password for any UK user that has the same UK Smart group assigned but they would not have permission to recover a master password for a User that is part of the America smart group.
Hello,
Create Smart Groups: Assign each user to a smart group based on their country. This can be done through the Bitwarden Admin Console.
Define Custom Roles: Create custom roles that allow specific permissions for account recovery. For example, a custom role for the UK Service Desk can be created with permissions to recover passwords only for users within the UK smart group.
Assign Permissions: Ensure that only users with the appropriate custom role can perform account recovery within their designated smart group. This hierarchical permission structure ensures that a UK Service Desk user can only recover passwords for users in the UK smart group.
Enable Account Recovery: Activate the account recovery feature in the Admin Console under Settings → Policies. This will allow designated admins or custom role users to recover passwords for users in their smart group.
Best Regards
esther598