# Centrify

{% hint style="success" %}
Please complete the steps in the [Admin Console Configuration](/en/sso-connect-cloud/admin-console-configuration.md) section first.
{% endhint %}

<figure><img src="https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MB_i6vKdtG6Z2n6zWgJ%2Fuploads%2FINsvW6ptYsoxyfKJN79N%2FCentrify.jpg?alt=media&#x26;token=c19b2dfe-6420-47fe-973d-ed029251ac27" alt=""><figcaption></figcaption></figure>

### Centrify

Login to the Centrify Admin portal via the cloud login.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWe-jvYW6i2Ayu24p%2Fsso-step-123b.png?alt=media\&token=03a4597b-cb87-43b2-8901-ce1784c4d37d)

Switch to the Admin Portal from the pull down menu.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWfMCzphX6cciqEb0%2Fsso-step-124b.png?alt=media\&token=dbb83a98-7a42-499b-948e-f909628527c1)

Close the Quick Start Wizard if it pops up. Select **Apps** from the menu then **Add Web Apps**.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWgqDIltgV9aUReuz%2Fsso-step-125b.png?alt=media\&token=22bfc013-030f-4ba4-b76a-e18eb07b3beb)

On the Add Web Apps window, select the Custom tab and then scroll down and choose **Add** for SAML.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWiJPv3TImqeqLUh1%2Fsso-step-126b.png?alt=media\&token=441a3df3-d7e7-45e4-bb35-ca4fc4a0f262)

Select **Yes** to “**Do you want to add this application?**”.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWq2UDHJfEe41qrKa%2Fsso-step-127b.png?alt=media\&token=46e7eb58-e8d0-42f0-a72f-8829abd28adb)

Close the Add Web Apps Window.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWrI68WwvRgotTsBN%2Fsso-step-128b.png?alt=media\&token=6c0ba869-66d7-473b-8715-f05f51b36686)

The next step is to upload Keeper’s SSO Metadata to Centrify.\
\
On the Keeper Admin Console, export the SAML Metadata file

Go to View -> Export Metadata

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MGA7bXJpN6ZOb2NzMCa%2F-MGA9GfFP5Dut9-4y2dM%2Fview-sso.png?alt=media\&token=a3cb9e32-9021-4026-beeb-9d828fce8946)

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MJ9SEkoq5ho0UydUs-W%2F-MJ9yy_ID4jKU-finPSJ%2FScreenshot%202020-10-08%20at%2018.29.01.png?alt=media\&token=c9465576-1a8d-41de-9863-daaf1a0b58ec)

In the SAML Application Settings section in Centrify, select **Upload SP Metadata**.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWue8X1qsA9u2K0g6%2Fsso-step-130b.png?alt=media\&token=3677e8b9-fb28-4d0b-956b-791173e2358b)

Select **Upload SP Metadata from a file** and browse for the KeeperSSOMetadata.xml file. Select **Ok**.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuWwoRTp9PRa2RFa7g%2Fsso-step-131b.png?alt=media\&token=a1b78078-9eaf-4a4b-aef6-f452081a2e4b)

Download the Identity Provider SAML Metadata. This will be uploaded to Keeper SSO Connect.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuX7AeGSB8HyLn_mMZ%2Fsso-step-132b.png?alt=media\&token=b3abcda4-64e3-4961-9b8e-534a869547f2)

On the Description section enter **Keeper SSO Connect** in the Application Name field and select **Security** in the Category field.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuX9XwnWslR9iJWTFP%2Fsso-step-133b.png?alt=media\&token=e99c6f66-bf86-4583-9199-f87b0300c28b)

Download the Keeper logo.\
\
Select **Select Logo** and upload the Keeper logo (keeper60x60.png).

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXC1GyVZYEJ28cEM3%2Fsso-step-134b.png?alt=media\&token=e05d9ed1-8929-4834-b040-55ee1d38b9c9)

On the User Access section select the roles that can access the Keeper App:

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXEU8MvnJbGu2Aitu%2Fsso-step-135b.png?alt=media\&token=8d99bc42-2aa7-48a4-8e26-1d38f6d190e1)

Under the Account Mapping section, select "Use the following..." and input **mail**.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXIBgYNhL_E1OJqKV%2Fsso-step-136b.png?alt=media\&token=4d72c160-3dd6-4829-9125-3627bc65c2e5)

On the **Advanced** section, append the script to include the following lines of code:

```
setAttribute("Email", LoginUser.Get("mail"));
setAttribute("First", LoginUser.FirstName);
setAttribute("Last", LoginUser.LastName);
setSignatureType("Response");
```

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXT0n0ka0TwhOiWIS%2Fsso-step-137b.png?alt=media\&token=8cc36068-0362-4a28-94af-f3e362c125fe)

* The above script reads the display name from the User Account section. The FirstName attribute is parsed from the first string of DisplayName and the LastName attribute is parsed from the second string of DisplayName.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXVW7TG9_DAunALnr%2Fsso-step-138b.png?alt=media\&token=8347cad8-0d91-41ad-81d7-6d55418e07db)

Select **Save** to finish the setup.

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MBuVYyDtu8QKVs4unt0%2F-MBuXWuyUixluUAzzcqI%2Fsso-step-139b.png?alt=media\&token=ad0d2934-7973-43ea-82e3-0025eb09d839)

Upload the Identity Provider SAML Metadata file into the Keeper SSO Connect Cloud instance interface by dragging and dropping the file into the edit screen:

![](https://2503956294-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MB_i6vKdtG6Z2n6zWgJ%2F-MM1Xu0Pg5p1Z20o_MDw%2F-MM1_mgYa6YoFEHI12TZ%2Fcentrify_metadata.PNG?alt=media\&token=ece02267-0add-4ca4-880b-2419d23028ff)

When upload is complete, revert back one screen. The SSO integration is ready to test.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keeper.io/en/sso-connect-cloud/identity-provider-setup/centrify-keeper.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.