The provisioning account can see all user vaults. Is that by design?
Hi,
I just set up the Okta integration for 1Password via the SCIM bridge and noticed that the provisioning account can actually see all the vaults and their contents for users in our team (that it provisioned). Is that by design? Is there a way to prevent that? We don't necessarily want that account to have access to view other users' vaults - just provision and de-provision vault access.
Thanks,
Joe
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:view other user vaults
Comments
-
Thanks for reaching out. As Rick already mentioned via email, the provisioning manager has access to the user's personal vault until the user assumes control of their new account. Once that happens access to the personal vault is removed from the provisioning manager. Since I see that you've been in contact with Salome via email as well, let's continue the conversation there if you have further questions to avoid confusing back and forth in multiple places. Cheers! :)
ref: ZHX-97346-459
0