Users or user groups can be set as Vault owners to manage specific vaults without having access to data source administration. Assign users the Vault owner role for vault-level tasks requiring only basic permissions, and the Administrator role for system-wide tasks requiring the highest level of permissions.
Here is a detailed list of the respective capabilities of the Administrator and Vault owner roles:
| Capability | Administrator | Vault owner |
|---|---|---|
| Access to all shared vaults | ||
| Access to personal vaults of other users | ||
| Add or remove users and groups | ||
| Export/import entries across vaults | (between owned vaults only) | |
| Configure system settings | ||
| Audit logs and platform-wide monitoring | ||
| Vault-specific permissions | (for owned vaults only) | |
| Create and delete vaults | ||
| Day-to-day access to entries | (for owned vaults only) | |
| Session configuration in Remote Desktop Manager | (for sessions in owned vaults only) |
In Administration – Vaults, either when creating a new vault (+ sign), or editing an existing one (pen-shaped button).
In the vaults themselves, by clicking on the ellipsis button next to the vault's name, and then Edit vault.
In the Add vault or Edit vault settings window, go the Vault owners section, and click on the blue ellipsis button next to the Vault owners bar. Ticking the box next to individual users or user groups gives them vault owner status. Click on Update to apply the changes.
Share your feedback