Prepare your Trial Organization for Production
This guide will help guide your business in preparing for a production implementation of Bitwarden after a successful trial period. If you're just starting your trial period, we recommend starting with the Proof-of-Concept Project Checklist before using this guide.
When you're ready to move a trial organization into production for your business, you can upgrade your existing organization in-place or start a new organization from scratch.
Most customers upgrade their existing organization in-place and purge their vault of test data used during their trial period before importing all shared data into production (Step 4a).
If you choose to start a new organization for your production implementation, revisit the Proof-of-Concept Project Checklist and work through those steps before proceeding.
While you probably have a number of members in your trial organization, most businesses add a lot more users when they move to production. With that in mind, here are a few critical steps you should take before onboarding the rest of your team:
Check your policy configuration
To make sure your configured policies are applied to all members as soon they join, check that all desired policies are enabled.
Activate master password reset
The master password reset policy is considered critical by many organizations for its ability to recover the accounts of users that forget their master password or are deprovisioned. Activate this policy now.
This step only applies if you're self-hosting Bitwarden. During your trial of Bitwarden, you're using a special trial license that will need to be upgraded to a production license. Once you upgrade your self-hosted server to the production license, you can activate automatic license syncing. Follow these steps:
Retrieve your production license
Retrieve your production license from the Bitwarden cloud web app by following these steps.
Manually update your license file
Upload the retrieved license to your self-hosted server by following the Manual update procedure here.
Activate billing sync
Setup your organization to automatically pull your license file in the future by following the Automatic sync procedure here.
Before onboarding the rest of your team, ensure that all required credentials are collected in your organization, and that members will only have access to what they need once onboarded.
Many customers purge their vault of test data used during their trial period before importing all shared data into production (Step 4a). Purging vault data, which can be done from the organization's Settings → Organization info view, will prevent the creation of duplicates and help you start with a clean slate.
You may have completed most or all of these steps, but we recommend double checking that they're done to your satisfaction:
Import your data
Import all shared data to your production organization.
Ensure that your collections contain the right vault items before granting broader access.
Ensure that your groups are assigned to the right collections before assigning more users.
Additionally, now is a good time to check the privileges you're granting to individual users on your administrative team. Defining good practices for member roles and permissions now will make promoting users easier once you begin onboarding more employees:
Review member role assignments
Review the pre-defined member roles available in Bitwarden and determine which role is appropriate for IT, managers, etc.
Set up custom admin accounts
Many organizations find it useful to create custom roles for admins in order to assign granular levels of permission to users. Check out this guide for some best practices.
Since you'll have a large number of users starting to use Bitwarden soon, it can be useful to setup some processes for centrally configuring and deploying key Bitwarden applications:
Configure clients for self-hosting
Self-hosted only. Bitwarden clients can be pre-configured to point to your self-hosted server. To do so, follow these instructions.
Deploy browser extensions to managed devices
Bitwarden browser extensions, the app end-users will most often use in their day-to-day workflows, can be deployed in automated fashion to your users' devices. To do so, follow these instructions.
Now that your organization is ready for use in production, onboard the rest of your users. Depending on how you setup your organization during the trial period, this may be:
We highly recommend reviewing, or re-reviewing, the Onboarding and Succession guide before onboarding your remaining users.