search

CloudGate Provisioning

Keeper supports SAML 2.0 Authentication and SCIM provisioning with CloudGate UNO

hashtag
Overview

This guide covers CloudGate Automated Provisioning with SCIM which will update and deactivate Keeper user accounts as changes are made in CloudGate.

circle-info

You can configure SCIM without SSO or SSO+SCIM

hashtag
Requirements

To setup Keeper user provisioning with CloudGate, you need to have access to the Keeper Admin Consolearrow-up-right and a CloudGate Admin account.

hashtag
User Provisioning SSO+SCIM

circle-info

IMPORTANT: If you want your users to authenticate via SSO / SAML 2.0 with CloudGate, you must first configure and install Keeper SSO Connect with CloudGate. View the full SSO Connect setup guides: SSO Connect Cloud: https://docs.keeper.io/sso-connect-cloud/arrow-up-right Once Complete, proceed to Step 7: in the guide below.

circle-info

If you just want to provision users via SCIM provisioning without SSO, proceed to the guide below.

hashtag
User Provisioning (SCIM)

hashtag
Configuration Steps

hashtag
Step 1: Add SCIM Provisioning Method for CloudGate

Navigate to your Keeper Admin console and add the SCIM Provisioning Method to your desired "Node".

Add SCIM for CloudGate

hashtag
Step 2: Select SCIM Provisioning Method

Select "SCIM (System for Cross-Domain Identity Management)" and select "Next".

Select SCIM

hashtag
Step 3: Generate SCIM Token

At the next screen select "Generate" to generate your Token to connect your SCIM provisioning method.

Generate SCIM Token

hashtag
Step 4: Save SCIM Provisioning Method

At the next screen, you will be presented with your URL and Token. You will need this information for the step 8 to configure the SCIM section of the Keeper SSO Application within CloudGate. Select "Save".

You will now see your SCIM Provisioning Method in a Pending State.

SCIM Pending

hashtag
Step 5: Add Keeper Application to CloudGate

Navigate to your CloudGate Admin Console -> Service Provider and select the Add service provider to add Keeper Password Manager to the list of your SSO applications.

Add Keeper App to CloudGate SSO

hashtag
Step 6: Configure Keeper Application

On the "ADD SERVICE PROVIDER" page, search for Keeper Security in the search bar. Select Add on the Keeper SSO Cloud Connect icon.

Configure Keeper App

hashtag
Step 7: Configure SCIM within Keeper Application

Click "edit" on the Keeper SSO Cloud Connect icon you created at SERVICE PROVIDERS page and go to the provisioning settings tab.

Configure SCIM

hashtag
Step 8: Activate SCIM

This is where you will supply the previously generated URL and Token within the SCIM Provisioning Method in your Keeper Admin Console at the step 4. Now you can click "Test" to check if the SCIM provisioning is OK.

hashtag
Step 9: Save Keeper Application

Select "save".

Save SCIM

User provisioning with CloudGate is complete. Moving forward, new users who have been configured to use Keeper, in CloudGate and are within the provisioning scope definitions, will receive invites to utilize the Keeper Vault and will be under the control of CloudGate.

PreviousJumpCloud ProvisioningNextOneLogin Provisioning

Last updated

Was this helpful?