About Key Connector

Key Connector is a self-hosted application that facilitates customer-managed encryption (CME), allowing an enterprise organization to serve cryptographic keys to Bitwarden clients.

Key Connector runs as a Docker container on the same network as existing services, and can be used with login with SSO to serve cryptographic keys for an organization as an alternative to requiring a master password for vault decryption. Bitwarden supports deployment of one Key Connector for use by one organization for a self-hosted instance.

Key Connector requires connection to a database where encrypted user keys are stored and an RSA key pair to encrypt and decrypt stored user keys. Key Connector can be configured with a variety of database providers (for example, MSSQL, PostgreSQL, MySQL) and key pair storage providers (for example, HashiCorp Vault, cloud KMS providers, on-prem HSM devices) in order to fit your business's infrastructure requirements.

In implementations that leverage master password decryption, your identity provider handles authentication and a member's master password is required for vault decryption. This separation of concerns is an important step that ensures that only an organization member has access to the key which is required to decrypt your organization's sensitive vault data.