Limit Team Member access to a specific domain

hajen
hajen
Community Member

Hello!

We recently tried to share a vault with a guest, but did so through the "share vault" button, which sent an invite to also become a Team Member in our organisations 1password. We know there's an option to share vaults by inviting as guests (which we will demonstrate to the company). However, we would like to make sure this doesn't happen by accident again. What we're looking for is a way to only make users with a specific domain Team Members. We also have the Allowed Domains set to our organisation's domain, but it says it does not apply to slack or email invitations. One of which was automatically sent when inviting someone to a vault via the big blue Share Vault button on the vault.

Is there a way to disable users which does not have our email domain to become Team Members and only access as guests?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • @hajen

    Guests should be invited first to allow you to specify vault access. Share with guests in your team I can certainly see how this might be confusing.

    If I am correctly following you the share button while viewing the vault details page is what was used. This would invite the person to the share and add them to the team.

    Share with the rest of the team
    Give people and groups access to the items in this vault.

    I'd be happy to pass this feedback to the products team for consideration. The way I see it (reporting for you) is it's confusing to you in that the invite process should be the same no matter the account type, and it should allow you to make the distinction along the way as to full member or guest. Would that be an accurate description?

    I am not aware of any current limitation that you can use to limit the invite. That said you should be prompted to review (confirm) any new additions to the team.

    Thank you for the insight.

  • hajen
    hajen
    Community Member

    Yes, that is correct. The confusion from my organisation's side has been when wanting to invite someone outside the organisation to only one vault. The UI made it seem like the Share Vault button only ment that vault, and not also becoming a Team Member. Having a choice in making that user a Team Member or only a guest would be more clear to us, instead of first making the user a guest.

    What we would prefer is to limit users to only the specified email domain to be able to become a Team Member.

    Thank you for the reply!

  • Thank you for getting back to me @hajen

    I've filed your feedback verbatim for the teams review.

    ref: PB-40284421