Previously, if an administrator assigned a Manager Role to a specific user, they could grant access rights to other users only for the collections assigned to the manager. However, the menu for granting access rights suddenly disappeared.
Only Admin and Owner, not Manager, can set access rights to collections.
Previously, there were Owner, Admin, Manager, and User Roles, but I think the rights changed when Custom Role was created instead of Manager Role.
Our company designated a manager for each collection, and the managers granted access rights upon user requests.
In the future, will only Admin and Owner be able to grant access rights to collections?
Yeah, that’s a known bug because Bitwarden is in the process of removing the Manager role. It should already have been fixed by #4860 which is available in the testing image.
Vaultwarden does not support custom roles yet.
No, users will be able to be granted the Can manage permission in the future.
2 Likes
Thank you for your reply!
I’m would like to move to the current version (see below), where “can manage” is what I would describe as “partially available”. But in tests I still have the issue that I can not recreate the functionality previously provided by the “manager role”.
In details:
I have a bunch of Teams in which the each team lead is managing its team members , inviting new, removing… . are created as collections, and managers can not access other collections.
After update user roles “user” and “user defined” can not do that.
And Administrator role would allow to access all collections, even those of other teams which must not be allowed.
So restraining Administrators to certain collections or allowing that to users with “can manage” can actually invite new users and … might be a way.
Using multiple Organisations is most likely not working nicely because sharing data in between organisations is not possible without creating redundant data.
What are your thoughts on this?
Thanks.
Versions
Server Installed Ok 1.33.0
Server Latest 1.33.0
Web Installed 2025.1.1
Database SQLite: 3.46.0
I think it’s better to limit admin rights to specific collections. 1password probably uses this approach.
Currently, when I log in to vaultwarden as an admin, all account information is shown, which is inconvenient to search.
If necessary, the admin can directly grant collection access rights, so I don’t think there will be a problem.
If the collection manager is given the user management function, it seems like there will be a security risk because the admin may be granted rights without his knowledge.