Admin Approval
Admins can approve end-user SSO Cloud devices
Admin Approval Method via Admin Console
Selecting "Admin Approval" will send the request to the Keeper Administrator with the "Approve Devices" permission. The Admin can perform the approval through the Admin Console "Approval Queue" screen or by being logged into the Admin Console at the time of the request.
(1) User selects "Admin Approval"
(2) User waits for approval or comes back later
(3) Administrator logs into the Admin Console and visits the Approval Queue
(4) Admin reviews the information and approves the device
Select the device to approve and then click "Approve". If the user is waiting, they will be instantly permitted to login. Otherwise, the user can login at a later time without any approval (as long as they don't clear out their web browser cache or reset the app).
Approve Devices Role Permission
A special role permission called "Approve Devices" provides a Keeper Administrator the ability to approve a device.
(1) Go to Roles within the root node or the SSO node
(2) Select the gear icon to control the Admin Permissions for the selected role.
(3) Assign "Approve Devices" permission
Now, any user added to this role is able to login to the Admin Console to perform device approvals.
As with any administrative permission, ensure least privilege
Last updated
