LogoLogo
Enterprise Guide
Enterprise Guide
  • Getting Started
  • Start Your Trial
  • Resources
  • Keeper for Teams and Small Business
  • Keeper Enterprise
  • Implementation Overview
  • Domain Reservation
  • Deploying Keeper to End-Users
    • Desktop Applications
      • Launch on Start Up
    • Forcefield
    • Browser Extension (KeeperFill)
      • Mac
        • PLIST (.plist) Policy Deployment
          • Jamf Pro Policy Deployment - Chrome
          • Microsoft Intune Policy Deployment - Chrome
      • Linux
        • JSON Policy Deployment - Chrome
      • Windows
        • Group Policy Deployment - Chrome
        • Group Policy Deployment - Firefox
        • Group Policy Deployment - Edge
        • SCCM Deployment - Chrome
        • Intune - Chrome
        • Intune - Edge
        • Edge Settings Policy
        • Chrome Settings Policy
      • Virtual Machine Persistence
    • Mobile Apps
      • IBM MaaS360
    • Optional Deployment Tasks
    • IE11 Trusted Sites
  • End-User Guides
  • Keeper Admin Console Overview
  • Nodes and Organizational Structure
  • Risk Management Dashboard
  • User and Team Provisioning
    • Custom Invite and Logo
      • Custom Email - Markdown Language
    • Simple Provisioning through the Admin Console
    • Active Directory Provisioning
    • LDAP Provisioning
    • SSO JIT (Just-in-Time) Provisioning
    • Okta Provisioning
    • Entra ID / Azure AD Provisioning
    • Google Workspace Provisioning
    • JumpCloud Provisioning
    • CloudGate Provisioning
    • OneLogin Provisioning
    • Microsoft AD FS Provisioning
    • API Provisioning with SCIM
      • Using SCIM API Provisioning
    • Team and User Approvals
    • Email Auto-Provisioning
    • CLI Provisioning with Commander SDK
  • SSO / SAML Authentication
  • User Management and Lifecycle
  • Email Address Changes
  • Roles, RBAC and Permissions
    • Enforcement Policies
    • Security Keys
  • Delegated Administration
  • Account Transfer Policy
  • Teams (Groups)
  • Sharing
    • Record and File Sharing
    • Shared Folders
    • PAM Resource Sharing
    • One-Time Share
    • Share Admin
    • Time-Limited Access
    • Self-Destructing Records
    • Hiding Passwords
  • Creating Vault Records
  • Importing Data
  • Record Types
  • Two-Factor Authentication
  • Storing Two-Factor Codes
  • Security Audit
    • Security Audit Score Calculation
  • BreachWatch (Dark Web)
  • Secure File Storage & Sharing
  • Reporting, Alerts & SIEM
    • Event Descriptions
    • Splunk
    • Sumo Logic
    • Exabeam (LogRhythm)
    • Syslog
    • QRadar
    • Azure Monitor
    • Azure Sentinel
    • AWS S3 Bucket
    • Devo
    • Datadog
    • Logz.io
    • Elastic
    • Firewall Configuration
    • On-site Commander Push
  • Recommended Alerts
  • Webhooks
    • Slack Webhooks
    • Teams Webhooks
    • Amazon Chime Webhooks
    • Discord Webhooks
  • Compliance Reports
  • Vault Offline Access
  • Secrets Manager
  • Commander CLI
  • Keeper Connection Manager
  • KeeperPAM Privileged Access Manager
  • Keeper Forcefield
  • KeeperChat
  • Keeper MSP
    • Free Trial
    • Getting Started
    • Fundamentals
    • Consumption-Based Billing
      • Secure Add-Ons
      • Existing MSP Admins
    • Onboarding
    • PSA Billing Reconciliation
    • Join the Slack Channel
    • Next Steps
    • Offboarding
    • Commander CLI/SDK
    • Account Management APIs
    • Provision Family Plans via API
    • MSP Best Practices
  • Free Family License for Personal Use
    • Provision Family plans via API
    • Provision Student plans via API
    • API Troubleshooting
      • API Parameters
      • API Response Codes
      • API Explorer - Swagger
  • Keeper Security Benchmarks and Recommended Security Settings
  • IP Allow Keeper
  • Keeper Encryption and Security Model Details
  • Developer API / SDK Tools
  • On-Prem vs. Cloud
  • Authentication Flow V3
  • Migrating from LastPass
  • Training and Support
  • Keeper SCORM Files for LMS Modules
  • Docs Home
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page
  • Introducing Secure Add-Ons
  • Billing Related Improvements

Was this helpful?

Export as PDF
  1. Keeper MSP
  2. Consumption-Based Billing

Existing MSP Admins

This page will guide existing MSPs as they migrate to our upgraded platform with new features and billing improvements.

Thank you for being a valued KeeperMSP customer! We’re launching powerful features and products to further improve your KeeperMSP experience. When Keeper releases our upgraded KeeperMSP product, you can expect new zero-trust Secure Add-ons and an improved billing model.

MSP consumption-based billing is live. Some MSPs have not been fully migrated to consumption billing. If you have any questions, please contact your Keeper sales representative.

Introducing Secure Add-Ons

These new features and Secure Add-Ons provide comprehensive visibility, security and control, all within one unified platform - with zero-trust and zero-knowledge security:

  • The Advanced Reporting & Alerts (ARAM) Module empowers InfoSec administrators to monitor more than 100 different security and activity-related event types via customizable reports, real-time notifications and seamless integration into any third-party SIEM solution.

  • BreachWatch continuously scans the dark web and receives alerts on compromised passwords to take immediate action for preventing an account takeover attack.

  • Compliance Reporting provides on-demand visibility of access permissions for the organization's credentials and secrets and; supports audits for Sarbanes Oxley (SOX) and other industry regulations that require access-control monitoring and event auditing.

  • KeeperChat enables secure, ephemeral messaging across employee devices with the world’s most secure messaging solution, protecting communications with end-to-end encryption.

  • Secure File Storage taps into Keeper’s zero-knowledge encryption to put secure file storage, retrieval and decryption privileges in the hands of approved users only.

  • Keeper Secrets Manager secures your environment and eliminates secrets sprawl by removing hard-coded credentials from your source code, config files and CI/CD systems.

  • Keeper Connection Manager provides DevOps and IT teams with effortless access to RDP, SSH and Kubernetes endpoints through a web browser.

Billing Related Improvements

Based on your licensing pool balance, your account will also soon transition from your current license pool billing model to our new consumption-based billing model. Once your current entitlements match or exceed your consumption, the switch will be automatic and seamless.

Consumption-Based Billing

Upon transitioning your account to our new billing model, you can expect the following key benefits:

  • It’s cost-effective and designed to scale with your business

  • You will only be charged for the licenses you use, thereby eliminating the need to estimate the number of users upfront.

  • No long-term commitments on licenses and users can activate or deactivate a user license at any time

Keeper will track your account’s daily license usage and bill you monthly, in arrears. You may continue to add licenses for any of our products (e.g. Secrets Manager, Compliance Reporting, KeeperChat and Connection Manager) as needed.

Adding a New Managed Company

Click Add Managed Company and enter their name and select the managing node. Next, choose a base plan and any additional Secure-Add Ons you would like to add. You will be able to view what Secure-Add Ons are included with each base plan once you select it.

By default, "Allow unlimited license consumption" will be enabled. To override this, deselect the checkbox and enter the maximum licenses allowed.

More information regarding base plans can be found here.

Edit an Existing Managed Company

To edit an existing Managed Company's details, Base Plan, maximum licenses and Secure Add-Ons, click on the name of the Managed Company, then click Edit.

MSP Subscription Manager

Since Keeper's new billing model is based on actual daily license usage, the default "License Pool Manager" Role will be replaced with the "MSP Subscription Manager" role. The MSP Subscription Manager’s main function is to manage billing for the MSP. This role has access to the “Subscriptions” tab of the console in order to make changes to the billing method and manage Secure Add-Ons for MSP internal use.

The users in the "License Pool Manager" role already have access to the Subscription tab, therefore, they will remain in the role and the role name will automatically change to "MSP Subscription Manager"

Administrative Permissions

The "Allocate Company Licenses" permission has been merged with the "Manage Companies (MSP) permission".

SEPA Payment Method

In order for SEPA to appear as a payment method on the checkout page upon purchase or renewal of KeeperMSP you must fulfill the following criteria:

(1) The selected country in the "Your Information" form must be supported by SEPA

(2) The selected currency in "Order Summary" form must be EUR

PreviousSecure Add-OnsNextOnboarding

Last updated 1 year ago

Was this helpful?

Billing Statement Daily Summary
Managed Companies > Add Managed Company
Company Details, Base Plan and Add-On Selection
Edit a Managed Company
Edit MC Details, Base Plan, Maximum Licenses & Add-Ons
MSP Subscription Manager Default Role
Manage Companies (MSP) Administrative Permission
Checkout Order Summary