Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
High level overview of Keeper SSO Connect™ Cloud
Simply by authenticating through your existing IdP, your employees gain access to all of the capabilities of the top-rated Keeper password management platform, including:
Secure digital vault that can be accessed from any device, running any OS
Automatic password generation & autofill on all devices
Compatibility on any system, browser or app
Zero-knowledge encryption of vault data
This service does not require any on-premises or customer cloud-hosted services and there are no Master Passwords. Configuration is done directly between the IdP and Keeper's Admin Console.
To preserve Zero Knowledge, an Elliptic Curve public/private key pair is generated for each device. The private key on the device encrypts and decrypts the user's vault. Signing into a new device requires a key exchange that is processed by our Keeper Push feature or approved by a designated Admin. Automated admin approvals can be configured in several different ways.
Important: SSO users and provisioning must exist in a dedicated node that you will create (not in the root node). Before completing these steps, create a new node as shown in the image below.
Keeper SSO Connect Cloud can be rolled out in 3 easy steps:
Create a SSO Connect Cloud instance on the Keeper Admin Console under Provisioning
Exchange metadata with your SAML identity provider
Set up automated provisioning and/or manually provision users to Keeper
An Administrative Permission called "Approve Devices" allows an Administrator to perform device approvals. Admin Approvals can also be automated. See the Device Approval section for details.
A unique "device" includes physical devices as well as browsers and browser profiles.
From an administrator's perspective, the cost, risk & labor saving benefits of Keeper SSO Connect Cloud are significant:
Easy setup, all in one place in Keeper’s existing Admin Console.
No hosted software to integrate with the IdP
No additional server costs
No patching software
Eliminates a potential single point of failure
Available 24/7/365 on Keeper’s high availability systems
Enhance and Extend Your SSO and Passwordless Solution
Keeper SSO Connect is a 100% Cloud-based SAML 2.0 service that seamlessly and quickly integrates with your existing SSO and Passwordless solution - enhancing and extending it with zero-knowledge password management and encryption. Keeper supports all popular SSO IdP platforms such as Microsoft Entra ID / Azure, Okta, Google Workspace, Centrify, Duo, OneLogin, Ping Identity, JumpCloud and many more.
https://www.keepersecurity.com/keeper-sso-connect.html
Keeper SSO Connect, included with Keeper Enterprise, seamlessly integrates with all popular SSO IdP platforms including Office365, Entra ID / Azure AD, ADFS, Google Workspace, Okta, Ping, JumpCloud, Centrify, OneLogin, F5 BIG-IP APM and more.
In addition to SSO providers, Keeper also seamlessly integrates with all popular Passwordless authentication platforms that support SAML 2.0 including Duo, HYPR, Trusona, Octopus, Traitware and Veridium.
Pairing your SSO solution with Keeper's secure password manager solves several major functional and security gaps.
Use Case
Keeper Password Manager
SSO Identity Provider
Password-Based Apps
✅
-
Shared Passwords & Secrets
✅
-
Encrypted Data Storage
✅
-
Social Media Sites
✅
-
Native Apps
✅
-
Offline Access
✅
-
SSH Keys
✅
-
Encrypted Private Files
✅
-
Zero-Knowledge Encryption
✅
-
SAML-Based Apps
✅ [via SSO Connect Cloud]
-