With 1Password Enterprise Password Manager, you can set up and manage 1Password for your company and sub-companies. You’ll create a parent account which can then manage an unlimited number of child accounts. This allows you to scale your usage of 1Password, localize administrators to smaller groups of users, centralize policy management, and keep data separated across organizations.
Step 1: Create a parent account
To get started, sign up for 1Password Business. This will be your parent account. If you already have an account that your team uses for 1Password internally, contact your 1Password representative to request that your account be converted to a multi-tenant parent account.
After you sign up:
- Follow the steps to get started as an administrator and set up your account.
- Make sure to invite team members who will be in the top-level organization.
- Implement a recovery plan to make sure no one loses access to 1Password.
Wichtig
To make sure the child accounts you manage are secure, everyone in the parent account will need to use multi-factor authentication.
If your team uses single sign-on (SSO), you can set up your 1Password account to unlock with SSO, then consider the additional security guidelines below for multi-tenant accounts.
Wenn du dein Konto nicht zum Entsperren mit SSO eingerichtet hast, fahre mit Schritt 2 fort.
Wenn du „Entsperren mit SSO“ verwendest
Administrators in the parent account have administrative access to all your child accounts, so their accounts should be as secure as possible. If your team will unlock 1Password with SSO, follow these guidelines for the 1Password SSO application in your identity provider:
- Schalte dauerhafte Cookies aus. Beispielsweise kannst du in Entra ID die Eingabeaufforderung „Angemeldet bleiben?“ deaktivieren.
- Erfordere häufige erneute Authentifizierung. Beispielsweise kannst du in Okta eine Authentifizierungsrichtlinie erstellen mit „Benutzer muss sich mit“ und „Zur Authentifizierung auffordern“.
- **Multi-Faktor-Authentifizierung erforderlich.** Zum Beispiel kannst du in Entra ID eine Richtlinie für bedingten Zugriff erstellen, um eine mehrstufige Authentifizierung zu verlangen.
Step 2: Add administrators
People in the Owners or Administrators group of your account can manage child accounts. By default, these groups include the following permissions:
- View child accounts.
- Link and unlink child accounts.
- Sign in to child accounts and perform administrative tasks.
You can also create a custom group and give it granular permissions. For example, you can allow people in a group to only view, link, and unlink specific accounts, but not launch into them.
Next steps
After you set up your 1Password multi-tenant parent account, you and your administrators can add and manage child accounts. Learn how to manage child accounts.
Unterstützung erhalten
Some 1Password features aren’t yet supported for parent account administrators in child accounts:
Other users in your child accounts can still use these features.
Mehr erfahren
- Administratoren: Erste Schritte mit 1Password
- Best Practices zur Sicherung deines 1Password Business-Kontos
- About the security of linked accounts
War dieser Artikel hilfreich?
Freut mich, das zu hören! Wenn du etwas hinzufügen möchtest, zögere nicht, uns zu kontaktieren.
Tut mir leid, das zu hören. Bitte kontaktiere uns, wenn du uns mehr darüber erzählen möchtest.