PingOne Configuration
How to configure Keeper SSO Connect On-Prem with PingOne for seamless and secure SAML 2.0 authentication.
Last updated
How to configure Keeper SSO Connect On-Prem with PingOne for seamless and secure SAML 2.0 authentication.
Last updated
Login to the PingOne Admin portal https://admin.pingone.com/
From the PingOne console menu, select Applications > Application Catalog
Search "Keeper" and click on the "Keeper Password Manager - On-Prem SSO" link to add the Keeper Password Manager application
Click Setup to proceed to the next step
Click "Continue to Next Step"
On the Keeper SSO Connect Windows server, download the KeeperSsoMetadata.xml file and save it in a safe location.
Select Export Metadata on the Keeper SSO Connect.
Back on the PingOne application configuration, select the Select File button and choose the file KeeperSsoMetadata.xml.
Then click on Choose File next to "Primary Verification Certificate" and upload a valid SSL certificate file.
Click Continue to Next Step
Enter the appropriate values associated with each attribute (see below image) and click Continue to Next Step
Modify the Name to appropriately match the Configuration Name of the SSO node from the Keeper Admin Console. Click Continue to Next Step.
You may choose to add PingOne user groups to your application. Click Add next to the group or groups you would like to add and click Continue to Next Step.
PingOne users will have access to Keeper Password Manager by default. Assigning groups to Keeper Password Manager restricts access to only those groups.
Click Download next to "SAML Metadata" and save the .xml file to a safe location.
Click Finish to complete the application setup wizard.
The saml2-metadata-idp.xml file will download to the browser. Copy this file to the Keeper SSO Connect server and upload it into the Keeper SSO Connect interface by dragging and dropping the file into the Setup screen: Select Save.
The Keeper Application should be added and enabled.
Important Note: In the Application Configuration section of your Ping Identity setup, ensure that the "Signing" section has "Sign Response" selected with "RSA_SHA256" as the Signing Algorithm.
Your Keeper SSO Connect setup is now complete!
