Free Family License for Personal Use
Enterprise users can create a free Keeper Family Plan and easily switch between their business and personal Keeper account
Create a Free Family Plan from a Business or Enterprise Account
All Keeper Enterprise users can create a free, Keeper Family Plan for up to 5 family members with unlimited devices. Once the user sets up the Family Plan, each family member receives their own vault. They can also share passwords between family members using either Shared Folders or individual record sharing.
This vault is intended for personal use only. All business-related credentials must be stored within your company issued vault.
(1) Log into the Keeper Web Vault or Desktop App
(2) Click on your email address found in the top right corner.
(3) Select Account
(4) Enter your personal email in the "Keeper Family License for Personal Use" section and click Send Email
(5) Please logout from the Business vault on your browser by clicking on Email > Logout.
Creating Family Account on Desktop Vault
(6) Accept the invitation sent to your personal email.
(7) Follow the links to create your Keeper account. Please ensure you are logged out of your Business vault first.
(8) Select a Master Password
Important Note about Data Center Location
If you follow the link sent on your desktop computer, you'll be properly routed to the same geographic data center that is associated with your Keeper Business vault. Therefore we recommend using your Desktop computer to create your personal Keeper Vault.
If you decide to use your mobile device for creating your personal vault, see the instructions below.
Creating Account on Mobile
If you decide to create your personal account on an iOS or Android device, please take note of the "Data Center" option at the bottom of the screen:
Please ensure that you are selecting the correct Data Center location. If you set up your personal Keeper account in the wrong region, you'll need to contact Keeper support to delete and re-create your account.
Confirming License Activation
After your personal account has been created, it will show up as licensed in the business vault Account settings:
Important notes regarding your linked personal account:
Your linked personal account is licensed as a Keeper Family Plan account with 10GB of secure file storage and BreachWatch dark web monitoring.
The company managing your Business vault does not have any access rights or ability to decrypt information stored in your personal vault.
Your linked personal account will remain free on unlimited devices for as long as the business account is active.
If you leave the business, or if the business does not renew their subscription with Keeper, you may continue to use your account for 30 days after which, it will expire and be converted to a free trial account. Contact Keeper to purchase a Family or Unlimited subscription for all of the premium features.
If your administrator has disabled this feature, any family plans that were created previously will remain, with the current expiration date, and new family plans cannot be created.
Your Business Admin may remove the ability to share records from the business vault to the linked personal vault.
This vault is intended for personal use only. All business-related credentials must be stored within your company issued vault.
Watch the video below to learn about linking a personal account to a business account.
Switching Between Personal and Business Vault
Users can easily switch between their business/enterprise and personal accounts on Keeper for Web Vault, iOS and Android.
Web Vault
Click on your email address, then click Account
Click Switch Account
Click Switch next to the account you would like to access. You will then be redirected to sign into that account using your Master Password.
iOS
Tap Account then tap on your current account email address located at that top of your screen. Next, tap the account you would like to access. You will then be redirected to sign into that account using your Master Password.
Android
Tap the menu icon, then tap Account. Next, tap the dropdown arrow next to your current account email address.
Tap the account you would like to access. You will then be redirected to sign into that account using your Master Password.
Inviting Family Members
Once you have logged into your Keeper account, inviting family members to join is easy and can be done from a desktop (Web Vault, Desktop App) or mobile device (iOS, Android).
Sharing Records and Folders
Once an invited family member has created a Keeper account, records can be shared with them.
To share an individual record, click Options > Sharing
Or, to create a Shared Folder, click on Create New > Shared Folder
Sharing Permissions
Sharing permissions can be set at the record and folder level.
Permission Type
Permission Level
Can Edit
Users in folder can edit this record
Can Share
Users in folder can share this record
Can Edit & Share
Users in folder can edit and share this record
Read Only
Users can only view the record
Transfer Ownership
User will own the record and control the sharing permissions
Provision Family plans via API
API access to creating free family plans associated to a business account
Overview
Keeper offers enterprise customers APIs to provision Family plans. Keeper provides REST APIs that enable you to build custom applications and integration in provisioning Family plans.
Capabilities of the API
Provision Family Plan API endpoint is for enterprise accounts & MSP partners to register Keeper Family licenses. This endpoint will create a 1 year license with the following Product/Add-ons:
Keeper Family
BreachWatch (Dark Web Monitoring)
10GB File Storage
For the full list of Keeper Family License features, visit the following page.
In order to access this API, contact your support representative to request an API key, this will be shared in a Keeper record.
API definition
This is an API endpoint for partners to register Keeper Family licenses.This endpoint will create a 1 year license with the following Product/Add-ons -- Keeper Family,BreachWatch, 10GB File Storage
Partner Transaction Id (external Id used by the partner as a reference)
First name of user
Last name of user
Email of user
Salted hash, hash = SHA256.hexdigest.bytesToHex(email + salt )
Keeper will provide the expected partner name along with the salt ("secret")
OK
Bad Request
Unauthorized
GET /bi_api/v1/services/partner/create-license HTTP/1.1
Host: keepersecurity.com
Accept: */*
{
"success": true,
"order_number": "12345678-1234",
"vault_url": "dev.keepersecurity.com/vault/#"
}Additional API details
API Parameters
For more information on the required parameters, visit:
API ParametersAPI Response codes
For more information on the response codes, visit:
API Response CodesAPI Explorer
If you wish to explore the APIs in another tool like postman or the swagger editor, download the associated YAML definition of the APIs below
For more information on exploring the API with swagger, visit:
API Explorer - SwaggerSample node.js script
Use the below sample so understand how you might implement this in your environment:
var request = require('request');
var CryptoJS = require('crypto-js');
var secret = 'PARTNER_SECRET';
var partner_name = 'PARTNER_NAME';
var email = 'EMAIL';
var hash = CryptoJS.SHA256(email + secret);
var transaction_id = 'TRANSACTION_ID';
var first_name = 'FIRST_NAME';
var last_name = 'LAST_NAME';
var options = {
'method': 'GET',
'url': 'https://keepersecurity.com/bi_api/v1/services/partner/create-license?transaction_id='+transaction_id+'&first_name='+first_name+'&last_name='+last_name+'&email='+email+'&hash='+hash+'&partner_name='+partner_name+'',
'headers': {
'Content-Type': 'application/json'
}
};
request(options, function (error, response) {
if (error) console.log("Error From the server: "+error);
console.log("response body: "+response.body);
console.log("response status: "+response.statusCode);
});Provision Student plans via API
API access to creating student plans associated to a business account
The primary use case enabled via this API is to provision "Keeper Unlimited" accounts for students within your organization.
Overview
Keeper offers enterprise customers APIs to provision Student plans. Keeper provides REST APIs that enable you to build custom applications and integration in provisioning Student plans.
Capabilities of the API
Provision Student Plan API endpoint is for Universities to register "Keeper Unlimited" accounts for students within your university. The endpoint will create a 1 year license with the following Product/Add-ons:
Keeper Unlimited
BreachWatch
10GB File Storage
For the full list of Keeper Unlimited License features, visit the following page.
In order to access this API, contact your Keeper representative to request an API key, this will be securely shared in a Keeper record.
API definition
This is an API endpoint for partner to register Keeper Unlimited licenses.This endpoint will create a 1 year license with the following Product/Add-ons -- Keeper Unlimited,BreachWatch, 10GB File Storage
Partner Transaction Id (external Id used by the partner as a reference)
First name of user
Last name of user
Email of user
Salted hash, hash = SHA256.hexdigest.bytesToHex(email + salt ), or command line example (echo -n "email+salt" | openssl dgst -sha256)
Keeper will provide the expected partner name along with the salt ("secret")
For Student API product type must be equal to 4.
OK
Bad Request
Unauthorized
GET /bi_api/v1/services/partner/create-license HTTP/1.1
Host: keepersecurity.com
Accept: */*
{
"success": true,
"order_number": "12345678-1234",
"vault_url": "dev.keepersecurity.com/vault/#"
}Additional API Details
API Parameters
For more information on the required parameters, visit:
API ParametersAPI Response codes
For more information on the response codes, visit:
API Response CodesAPI Explorer
If you wish to explore the APIs in another tool like postman or the swagger editor, download the associated YAML definition of the APIs below
For more information on exploring the API with swagger, visit:
API Explorer - SwaggerSample script using the API
Sample node.js script
Use the below sample so understand how you might implement this in your environment:
var request = require('request');
var CryptoJS = require('crypto-js');
var secret = 'PARTNER_SECRET';
var partner_name = 'PARTNER_NAME';
var email = 'EMAIL';
var hash = CryptoJS.SHA256(email + secret);
var transaction_id = 'TRANSACTION_ID';
var first_name = 'FIRST_NAME';
var last_name = 'LAST_NAME';
var options = {
'method': 'GET',
'url': 'https://keepersecurity.com/bi_api/v1/services/partner/create-license?product_type=4&transaction_id='+transaction_id+'&first_name='+first_name+'&last_name='+last_name+'&email='+email+'&hash='+hash+'&partner_name='+partner_name+'',
'headers': {
'Content-Type': 'application/json'
}
};
request(options, function (error, response) {
if (error) console.log("Error From the server: "+error);
console.log("response body: "+response.body);
console.log("response status: "+response.statusCode);
});API Troubleshooting
This section contains the following documents in providing more details on troubleshooting with the API:
The API parameters required to make a successful API call:
API ParametersAPI response code
API Response CodesAPI Explorer guide with Swagger
API Explorer - SwaggerAPI Parameters
Prerequisite
Prior to working with the API endpoints, your Keeper representative will provided you with the following:
Partner Name
Salt
This information will be needed to get a successful response by the API endpoint.
If you don't have the Partner Name or Salt, contact your Keeper representative.
API Parameters
Keeper Provision APIs require the following API Parameters to be passed with the API endpoint in order to get a successful request:
transaction_id (string)
Partner Transaction ID. This is a custom ID that you create for your reference. Example: "0001", "user1"
first_name (string)
User's First Name
last_name (string) (optional)
User's Last Name
email (string)
User's Email This is the email that will receive the invitation email to create an account
hash (string)
This is the salted hash you generate by hashing the User's email and Salt key provided by Keeper with SHA-256:
hash = SHA256.hexdigest.bytesToHex(email + salt )
partner_name (string)
The expected Partner Name is provided by your Keeper representative
API Response Codes
The Provision APIs respond to the API endpoints with the following:
200
Ok
{
"success": true,
"order_number": "12345678-1234",
"vault_url": "qa.keepersecurity.com/vault/#"
}400
Bad Request
{
"success": false,
"message": "Invalid request - Missing required fields"
}401
Unauthorized
{
"success": false,
"message": "Invalid Hash Value - UnAuthorized"
}API Explorer - Swagger
Overview
This document will detail using Swagger to help you understand the Family and Student Plans APIs and test your own examples.
API Explorer with Swagger
Visit & Download the YAML file for the provision endpoint you want to explore: Family Plans Student Plans
In Swagger, click on File > Import and select the YAML file downloaded in step 2
After importing the YAML file, the swagger website should show the API configuration defined in the YAML file on the Left screen, and the corresponding API explorer on the right side:
Expanding the API call on the right side will provide more information on the API endpoint's parameters and responses
To being testing out the API endpoint, click on the "Try it out" button
After filling out the values for the API Parameters, clicking on "Execute" will execute the API call:
After executing, you can scroll to the Response section to view the results