Skip to main content

Add users to your Team

The following topics describe how Team owners can invite and confirm membership to regular Teams.

To learn the administrative process for onboarding users to Enterprise Teams, see Onboarding regular users.

Manually invite users to your Team

Note

This task can be performed by a Team owner/admin using the web interface.

To invite users to your Team:

  1. Log in to Bravura Safe via the web interface.

  2. Click Teams.

  3. From the Team drop-down, select the Team to which you want to invite a user.

  4. Click the Members tab.

    safe_web_invite_user

  5. Click + Invite member.

    safe_web_invite_user_role

  6. Enter the Email address(es) where new users should receive invites.

    Tip

    Add up to 20 users with the same Member role at a time by comma-separating email addresses.

  7. Select the Member role to be applied to the new user(s). See Roles.

  8. Click the Groups tab.

    safe_web_invite_user_groups

  9. From the Select groups drop-down, select the groups to which the member(s) should belong.

    Selected groups will appear listed under Groups.

  10. Click the Collections tab.

    safe_web_invite_user_collections

  11. If desired, select Grant access to all current and future collections (for this Team only).

    OR

    1. From the Select collections drop-down, select a collection to which the member(s) should have access.

    2. From the Permission drop-down, select the corresponding permission for the collection. See Permissions.

    3. Repeat Step 11.a and Step 11.b until all collections are added for the member(s).

      Collections will appear listed under Collection/Permission/Group.

  12. Click Save to invite the users to the selected Team.

    safe_web_invite_user_invited

Note

The users will receive an email invitation allowing them to join the Team. Once they have accepted the invitation by clicking Join Team Now and creating and/or logging in to their Bravura Safe account, you will then have to confirm their membership before they can access the Team and its collections and items.

Roles

A member's role determines what they can do in Bravura Safe.

Note

The role does not determine which collections a member can access (see Permissions).

Table 1. Safe Team member role definitions

Role

Actions

User

Access shared items in assigned collections.

Add, edit or remove items from assigned collections (unless their Permission is set to Can view for the selected collection).

Manager

All of the above,

+ Assign users to collections

+ Assign user groups to collections

+ Create or delete collections

Admin

All of the above,

+ Assign users to user groups

+ Create or delete user groups

+ Invite and confirm new users

+ Manage enterprise Team (global) policies

+ View event logs

+ Export Team safe data

+ Manage password reset

+ View safe Security assessment

Admin users automatically have access to all collections.

Owner

All of the above,

+ Manage API key

+ Manage enterprise Team (global) two-step login enforcement

+ Manage Team information, e.g. Team name

Owner users automatically have access to all collections.

Note

Only an owner can create a new owner or assign the owner type to an existing user. For failover purposes, create multiple owner users.

Custom

Customized permissions per user from a configurable selection of Manager and Admin capabilities.



Permissions

Permissions determine what a member can do with the shared items in a particular collection, and can be assigned at the group or member level. Groups and members can have different permissions for the same collection.

Table 2. Team / Group Collection permissions

Permission

Description

Can view

The user or group can view all items in the collection, including hidden fields like passwords.

Can view, except passwords

The user or group can view all items in the collection except hidden fields like passwords.

Users may still use passwords via auto-fill.

Can edit

The user or group can add new items, remove existing items and edit existing items in the collection, including hidden fields like passwords.

Can edit, except passwords

The user or group can add new items, remove existing items and edit existing items in the collection, except hidden fields like passwords.

Users may still use passwords via auto-fill.

Grant access to all current and future collections

The user or group has full (Can edit) access to items in all existing collections and to any collections created in the future.



Note

Hiding passwords prevents easy copy and paste; however, it does not completely prevent user access to this information. Treat hidden passwords as you would any shared credential.

  • Uncheck Grant access to all current and future collections for Admin and Owner roles, as they can automatically access all collections from the Team safe.

  • Configuring access control will determine which collections are readily accessible in their individual safe and via Bravura Safe client applications (browser extension, mobile, etc.).

  • Admins and owners will still be able to access "unassigned" collections from the organization vault.

Accept an invitation

Users invited to an enterprise or regular Team receive an email from Bravura Safe inviting them to join the Team. Clicking the "Join..." button in the email opens a Bravura Safe invitation window in their web browser, allowing them to create a new Bravura Safe account or log in with an existing account. Logging in accepts the invitation.

Note

Users are first invited to the enterprise (global) Team, then to regular (departmental) Teams. See Set up your Bravura Safe account for more information.

Note

If you already have a Bravura Safe account and the enterprise Team administrator implements a member 2FA policy and you do not yet have two-step login enabled (e.g. you have turned off the default second factor using email verification), you will not be able to access the Team until two-step login is enabled for your account. See Two-step login (2FA) .

Confirm membership

Once a user has accepted an invitation to join a Team, the Team's admin or owner must confirm their membership to complete the process. An email notification is generated.

safe_web_confirm_member_email

To confirm accepted invitations:

  1. Log in to Bravura Safe via the web interface.

  2. Click Teams and select your team from the Team drop-down.

  3. Click the Members tab.

    The All filter at the top of the Members list is selected by default.

    • Users with the Needs confirmation label next to their name have accepted your invitation to the Team and are waiting for you to confirm their membership.

    • Users with the Invited label next to their name need to accept the invitation to the Team.

    • Users with the Revoked label next to their name still have a Bravura Safe account, but their access to the Team has been revoked. These users can only be viewed by selecting the Revoked filter.

    • Users with no label next to their name are confirmed members of the Team.

  4. Click the Needs confirmation filter.

    safe_web_confirm_member

  5. Click the corresponding gear drop-down and select Confirm.

    Note

    To confirm multiple members at once, select their checkboxes (or select All at the top), click the uppermost gear drop-down and select Confirm.

    A message appears indicating that the user has been confirmed and the Needs confirmation label disappears from their name in the list. The member(s) can now access the Team, collections and items using the permissions specified when they were invited.

In this section: