LogoLogo
User Guides
Docs HomeKeeper Connection ManagerUser GuidesRelease NotesEnterprise GuideMSP GuideSSO Connect CloudKeeperPAM and Secrets ManagerSSO Connect On-PremKeeper Bridge
User Guides
Docs HomeKeeper Connection ManagerUser GuidesRelease NotesEnterprise GuideMSP GuideSSO Connect CloudKeeperPAM and Secrets ManagerSSO Connect On-PremKeeper Bridge
  • Keeper End-User Guides
  • System Requirements
  • Quick Start Guides
    • Web Vault & Desktop App
    • iOS - iPhone & iPad
    • Android - Phone & Tablet
  • Enterprise End-User
  • Enterprise End-User (SSO)
  • Web Vault & Desktop App
  • KeeperFill for Apps
  • iOS - iPhone & iPad
  • Autofill & Passkey Setup for iOS
  • Android Phone & Tablet
  • Autofill & Passkey Setup for Android
  • Record Types
  • Sharing
  • Time-Limited Access
  • One-Time Share
  • Self-Destructing Records
  • Vault Offline Access
  • Security Audit
  • BreachWatch
  • Secure File Storage
  • Emergency Access
  • Keeper Family Plan
  • KeeperChat
  • KeeperFill Browser Extensions
    • Install for Chrome
    • Install for Firefox
    • Install for Safari
    • Install for Edge
    • Install for Opera
    • Using KeeperFill
  • Passkeys
  • Troubleshooting
    • Hardware Security Keys on iOS
    • Master Password Reset & Account Recovery
    • Troubleshoot Extension Issues
    • Autofill Issues
    • Troubleshooting Vault Issues
    • Clearing Browser Cache
    • Website Developers
    • Internet Explorer
  • Tips & Tricks
    • Protecting your Keeper Vault
    • Stay Logged In
    • Protecting TOTP Codes
    • Using Keeper TOTP with Azure or Office 365
    • Changing Passwords Using KeeperFill
    • Free Family License for Personal Use
    • One Record with Multiple URL Domains
    • KeeperFill Right-Click Context Menu
    • Keyboard Shortcuts
    • Resetting Desktop App
    • Login to Keeper with Windows Hello
    • Login to Keeper on macOS with Touch ID
    • Using Windows Hello or Touch ID with SSO
    • Logging in with DUO
  • Social Media Management
  • Use Cases
  • Uninstall Keeper
  • Web Vault & Desktop App (Legacy, Abridged)
    • Enterprise End-User (SSO)
  • Docs Home
  • Import Records
    • Import Overview
    • Import from Chrome, Firefox, IE, Edge, Safari
    • Import from Chrome via export
    • Import Text File (.csv)
    • Import Text File (.json)
    • Import from Excel
    • Import from 1Password
    • Import from Avast
    • Import from Bitwarden
    • Import from CyberArk
    • Import from Dashlane
    • Import from EnPass
    • Import from Kaspersky
    • Import from KeePass (.kdbx)
    • Import from KeePass .XML
    • Import from LastPass
    • Import from MacPass
    • Import from mSecure
    • Import from MyKi
    • Import from Passpack
    • Import from Passportal
    • Import from Password Boss
    • Import from Proton Pass
    • Import from Psono
    • Import from RoboForm
    • Import from Safari
    • Import from SplashID
    • Import from Sticky Password
    • Import from Thycotic / Delinea
    • Import from True Key
    • Import from ZOHO
    • Import from Commander CLI
  • Microsoft Store App
  • Export and Reports
    • Vault Export
    • Shared Records Report
  • Documentation Home
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page
  • Create Your Keeper Account
  • Create Your Account - Email Invitation
  • Create Your Account - SSO Dashboard
  • Login Flows
  • Keeper Initiated Login
  • SSO Initiated Login
  • Device Approvals

Was this helpful?

Export as PDF
  1. Web Vault & Desktop App (Legacy, Abridged)

Enterprise End-User (SSO)

This guide details the account creation and login process for Enterprise customers who deploy Keeper through an existing Single Sign-On Identity Provider (IdP) such as Azure, ADFS or Okta.

PreviousWeb Vault & Desktop App (Legacy, Abridged)NextImport Overview

Last updated 9 months ago

Was this helpful?

Create Your Keeper Account

Your Keeper vault is easy to create, simple to use and you’ll be up and running in just minutes. You can create and access your Keeper vault by either logging in directly from Keeper via an email invitation from your Keeper Administrator or from your SSO provider dashboard.

Create Your Account - Email Invitation

You may have received an email from your organization's Keeper Administrator inviting you to create a Keeper account with a subject line that reads: "Action Required >> Instructions for Your Keeper Security Account"

To create your Keeper account, click the yellow action button that by default says "Set Up Your Account Now", however, your organization may have chosen to customize the exact wording.

Since your Keeper account is deployed through your Single Sign-On Identity Provider (IdP) integration, you will automatically be routed to authenticate against your IdP if a current SSO session is not active.

Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault. Upon accessing your vault, you may receive a "Vault Transfer" acceptance dialog.

Next, you will be guided through a "Quick Start" walkthrough, that will help you either import passwords from your browser or other password manager (if enabled by your Keeper Admin) or manually create new records.

Please note, the Quick Start module may be disabled by your Keeper Admin.

Create Your Account - SSO Dashboard

Alternatively, you can create your Keeper account by visiting your SSO provider dashboard. This is called "Identity Provider-initiated login". First, log in to your existing Single Sign-On identity provider as you normally do.

You will observe your Keeper administrator has integrated Keeper into your identity provider dashboard. Simply click the Keeper icon to launch the Keeper application.IdP-Initiated Login

You will be guided through a "Quick Start" walk through, that will help you either import passwords from your browser or other password manager (if enabled by your Keeper Admin) or manually create new records.

Please note, the Quick Start module may be disabled by your Keeper Admin.

Login Flows

Once your Keeper account has been created, logging into your Keeper Vault is both easy and secure. Users can do so from either Keeper's vault login page or from their SSO provider dashboard.

Keeper Initiated Login

You can login to Keeper by entering either your email address or Enterprise Domain at Keeper's login page.

Login to your Keeper vault by region:

US: https://keepersecurity.com/vault​

EU: https://keepersecurity.eu/vault​

Email Address Login

From the Keeper vault login page, enter your email address and click Next

You will automatically be routed to your Identity Provider to sign in. Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault.

Enterprise Domain Login

From the Keeper vault login page, select Enterprise SSO Login > Enterprise Domain

Enter your Enterprise Domain and click Connect

Please note, the Enterprise Domain is provided by your Keeper administrator.

You will automatically be routed to your Identity Provider to sign in. Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault.

SSO Initiated Login

Log in to your existing Single Sign-On identity provider as you normally do.

Simply click the Keeper icon to launch the Keeper application and you will be routed to your Keeper vault.

Device Approvals

If you sign into Keeper on a new platform, you may encounter a "device approval" notification (SSO Cloud Users Only). If you are attempting to log in on an unrecognized device or browser, a device approval must take place before you can proceed to your Keeper vault. Users have two methods of approval to choose from, Keeper Push or Admin Approval.

Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device. This is a self-service process that allows users to handle the device approval on their own.

Admin Approval will send a notification to your Keeper Admin requesting device approval. If you do not have an existing, recognized device, this will be the only path gain access again.

If you select Keeper Push, a notification (push) will be appear in your vault at an approved device or browser. Select Yes to approve the new device.

You must be actively logged into a different, recognized/approved device to receive the notification.

Alternatively, if you select Admin Approval, your Keeper Admin will receive notification for approval. Once the device has been approved, you will be able to proceed to your Keeper Vault.

Please note, your Keeper Admin may have configured automatic approvals, in which case the request is handled within 15 seconds.