Sharing

Overview

Sharing Keeper records is a secure and powerful feature of the platform. Keeper offers various easy-to-use sharing capabilities with role-based enforcement policies to solve the most common use cases. In Keeper, a "record" in the vault represents a privileged account, credential, PAM resource or identity that is being managed.

Types of Sharing

• Record and File Sharing - easily share a single record with another Keeper user and choose from various permission types to control access.

• Share a Folder — share multiple records at once by sharing a folder with another Keeper user or team. Set permissions that govern the records and users within the folder. Keeper currently allows users to choose between two folder systems:

  • Nested Shared Folders: Keeper's latest folder model, supports nested hierarchies up to five levels deep, with role-based folder permissions and independent sharing configurations at every level.

  • Classic Shared Folders: Keeper’s original folder structure, where sharing and permissions are separated by user, team and record-level entitlements.

• PAM Resource Sharing - share access to a KeeperPAM managed resource (such as a machine, database, web application, identity or directory) without sharing access to credentials

• One-Time Share - provides time-limited secure sharing of a record to anyone, even if they don't have a Keeper account. This is a useful feature for sharing information with contractors or new employees during their onboarding process. Supports bi-directional editing capability.

• Share Admin - role-based permission that gives administrators elevated access rights over your organization's shared folders and shared records.

• Time-Limited Access - securely share credentials or secrets with other Keeper users on a temporary basis, automatically revoking access at a specified time.

• Self-Destructing Records - One-time share records that automatically delete from both sides when shared and viewed.