Email Auto-Provisioning

Basic provisioning of users based on email address

Overview

To facilitate the onboarding of Keeper to users based on their email address domain and a Master Password, use the Email Provisioning method. This can be used for organizations that are deploying Keeper to a large number of users (such as a university) where the admin is not explicitly inviting the user to sign up.

For example, anyone with the email address containing the domain acme.edu, can be automatically provisioned to a particular node and role within the Acme EDU Keeper Enterprise account upon creating their vault.

Email provisioning is only recommended for users setting up a Master Password authentication method. SSO-enabled nodes do not require an email provisioning method.

Configuration

(1) Login to the Keeper Admin Console

(2) If you don't already have a Node created for this provisioning method, please create one by clicking "Add Node". Provisioning is not permitted in the root node.

(3) In the new node, click on Provisioning > Add Method

(4) Select Email Auto-Provisioning then Next

(5) Choose a method of domain name ownership. You can use DNS lookup or HTML file upload.

(6) Once verification is complete, the status will show the email domain.

Inviting Users

When using the email provisioning method, the easiest way to invite users to sign up is to provide them a link to the vault:

US Data Center: https://keepersecurity.com/vault

EU Data Center: https://keepersecurity.eu/vault AU Data Center: https://keepersecurity.com.au/vault

CA Data Center: https://keepersecurity.com.ca/vault

JP Data Center: https://keepersecurity.jp/vault

Users simply click "Set up now" and use your company email to create your vault.

The user types in their email and clicks "Next".

User will set a Master Password.

After the user confirms their email with a verification code, the user will be provisioned to the specified Node and Default Role in the Admin Console.

Last updated