Keeper Automator Service

Overview

The Keeper Automator is a self-hosted service which performs cryptographic operations including device approvals, team approvals and team user assignments.

Once Automator is running, users can seamlessly access Keeper on a new (not previously approved) device after a successful authentication with your identity provider, without any further approval steps. Without the Automator service, users and admins can still perform manual device approvals through Push Approval methods.

Keeper Automator is a lightweight service that can be deployed in your cloud or on-prem environment.

Why is this needed?

Keeper SSO Connect provides seamless authentication into the Keeper vault using your identity provider. Normally a user must a approve their new device, or an Admin can approve a new device for a user. The Automator service is totally optional, created for Admins who want to remove any friction associated with device approvals.

To preserve Zero Knowledge and automate the transfer of the Encrypted Data Key (EDK) to the user's device, a service must be run which is operated by the Enterprise (instead of hosted by Keeper). The service can be run several different ways, either in the cloud or self-hosted.

An in-depth explanation of SSO Connect encryption model is documented here.

Installation Options

Depending on your environment, select from one of the following installation methods. The Azure Container App, Azure App Services, AWS Elastic Container Service and Google Cloud with GCP Cloud Run are the best choices if you use one of these cloud services.

Installation Method: Azure Container App

View Instructions

Installation Method: Azure App Services

View Instructions

Installation Method: Azure App Gateway

View Instructions

Installation Method: AWS Elastic Container Service

View Instructions

Installation Method: AWS Elastic Container Service with KSM

View Instructions

Installation Method: Google Cloud with GCP Cloud Run

View Instructions

Installation Method: Standalone Java

View Instructions

Installation Method: Docker

View Instructions

Installation Method: Docker Compose

View Instructions

Installation Method: Kubernetes

View Instructions

Installation Method: Windows Service

View Instructions

Automator Security

Using the Automator service creates a frictionless experience for users, however it requires that you have fully secured your identity provider.

Please refer to our Recommended Security Settings guide to securing your Keeper environment.