We have procurement/finance staff that need access to invoices, receipts, and # of seat adjustment capabilities but we don’t want them to have full access to the entire organization vault of credentials. Is there a specific User Type (what I would commonly think of as a permissions role) that would grant these users the correct set of permissions?
This feature is very important for our enterprise environment, where the owner of the org is a security admin without immediate access to billing, controlled by the Finance department. Given the sensitivity of the data in Bitwarden, a random financial controller can not be allowed to use the Owner privilege.
Very good point here, I definitely understand the need for better granular control for billing access especially in the case you and others here presented.
Nothing official yet and I am just speculating here, but with the latest web-vault release v2022.11.0 now provides a dedicated Billing section for an Organization.
Given that there is currently a custom role for Access reports, this new dedicated Billing section may be the first precursor to adding an additional custom role which will allow for only access to the new billing section and complete this request.
Let’s hope there is more to come soon