Vault Creator Group - explicit permissions

I have created a group (Vault Creator) with the idea of assigning managers the ability to create vault for their respective departments. This provides a layer of security for vault data that need not be accessed/seen by administrators.

Although this can be accomplished, there a a few caveats:

  • The admin console must also be enabled so they have the gui access to actually create the vault
  • The inherently have access to send invitations and "view" team members....however limited with managing permissions.

It would seem more practical to limit it the "Vault Creators" to only creating vaults and have no access to the other admin console.

Is there something that I am missing? Is this already known? Could this be a upcoming release modification?

Thanks!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • khad
    khad
    1Password Alumni

    Hi @dixie_tech,

    Thanks for asking about this! I'll mention this to the team here. It is an interesting idea. :)

  • user0
    user0
    Community Member

    I would like to echo the OP. I created the same group and gave it the same permissions, then discovered that Admin Console access must be granted in order to create vaults. I'd also like to request that the "vault creator" permission simply allow creating vaults without requiring full admin console access.

  • khad
    khad
    1Password Alumni

    :+1:

  • dixie_tech
    dixie_tech
    Community Member

    @khad, thanks for the response and taking the suggestion back to the team.

  • khad
    khad
    1Password Alumni

    It's my pleasure! Have a fantastic weekend. :)

This discussion has been closed.