Vault Creator Group - explicit permissions
I have created a group (Vault Creator) with the idea of assigning managers the ability to create vault for their respective departments. This provides a layer of security for vault data that need not be accessed/seen by administrators.
Although this can be accomplished, there a a few caveats:
- The admin console must also be enabled so they have the gui access to actually create the vault
- The inherently have access to send invitations and "view" team members....however limited with managing permissions.
It would seem more practical to limit it the "Vault Creators" to only creating vaults and have no access to the other admin console.
Is there something that I am missing? Is this already known? Could this be a upcoming release modification?
Thanks!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
This discussion has been closed.
Comments
Team Member
Hi @dixie_tech,
Thanks for asking about this! I'll mention this to the team here. It is an interesting idea.
I would like to echo the OP. I created the same group and gave it the same permissions, then discovered that Admin Console access must be granted in order to create vaults. I'd also like to request that the "vault creator" permission simply allow creating vaults without requiring full admin console access.
Team Member
@khad, thanks for the response and taking the suggestion back to the team.
Team Member
It's my pleasure! Have a fantastic weekend.