Granular Permissions per Secret ?

adoIII
adoIII
Community Member

Hi,
i am new to 1 passwd and dont know how to handle this permission case:
Customer ABC
Groups Windows Admins and Linux Admins have Access to VPN Password
Only Group Windows Admin has Access to Windows Admin Password
Only Group Linux Admin has Access to Linux root Password
Only Group Network Admin and Peter from Windows Admin have Access to switch admin password
Customer CDE
Like ABC but Peter has no Access to switch password
Any ideas ?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • Hi @adoIII, welcome to the 1Password Support Community. 👋

    I'd just like to start and quickly explain how permissions work in 1Password. Sharing is primarily done at a vault level, not at an individual item level. Items like Logins and Credit Cards are stored in vaults. Every vault but your own Private vault can be shared with your teammates and guests, which will grant them access to everything within. You can share a vault with any groups or individuals that are part of the account. With the above in mind:

    • You could create a vault and store the "Windows Admin Password" and share it with the Windows group administrator on an individual basis. Create another vault for the "Linux root password" and only share it with the Linux admin.
    • For the "switch admin password", you could create a new vault and share it with those individuals who require access.

    The above will ensure Peter doesn't have access to vault where the "switch password" is stored, only vaults that need Peter needs shared with them.

    Additionally, for one-time or infrequent sharing, you can rely on our password secure sharing tool. When you share an item, you’ll get a unique link that you can send to your colleagues and even external users outside your team. Choose when the link expires and who it’s available to: anyone with the link or only specific people.

    Securely share 1Password items with anyone

This discussion has been closed.