Nested Share Subfolders

Introducing Nested Share Subfolders

Keeper is redefining how users and teams organize, share and protect their most sensitive records. With the introduction of Nested Share Subfolders with Role-Based Folder Permissions, we’ve rebuilt the vault’s folder, sharing and permissions model from the ground up, delivering a more flexible and scalable experience for every user and team.

During this transition, the new, Nested Share Subfolder system will exist alongside the existing Classic folder system and permission model, with two distinct folder icons to help users easily differentiate between them.

To maintain clarity and prevent compatibility issues, the Classic and Nested Share folder systems cannot coexist or be mixed in the same folder structure. Existing workflows remain unaffected while organizations adopt the new experience at their own pace. In the future, we plan to support conversion between the two systems — for now, they remain separate.

Key Features

• Hierarchical organization up to five levels deep — Create folders and subfolders with independent sharing configurations at each level, enabling logical organization that scales with your team structure.

• Role-based folder permissions — Assign granular permissions at both the folder and record level, giving every user exactly the access their role requires. Permissions can be applied through inheritance (flowing automatically from parent to child folders), direct folder assignment, or direct record assignment.

• Permission inheritance with targeted overrides — Broad access policies apply consistently across a folder structure, with the flexibility to make precise exceptions at any level. When multiple permission paths apply, precedence rules ensure the most specific assignment wins — record-level permissions override folder-level ones, which override inherited permissions from a parent.

• Access management controls — Share managers can add users and teams, perform bulk permission changes, and set access expiration dates or revoke access entirely at the folder or record level. Users cannot grant permissions higher than their own access level.

Permissions & Access Model

Role-Based Folder Permissions give administrators granular control over exactly who can view, edit, share and manage content at every level of the folder hierarchy — whether you're an individual user, managing a small team, or operating across a global enterprise.

Permissions can be applied in three ways:

• Inherited access — permissions flow down automatically from a parent folder through all nested subfolders and records within it, so broad access policies apply consistently without manual effort

• Direct folder permissions — a specific permission level is assigned to a user or team on a particular folder

• Direct record permissions — a specific permission level is assigned to a user or team on an individual record

When multiple paths apply, precedence rules determine the effective access level — enabling administrators to set broad policies at the top of a structure while making precise exceptions wherever needed. User roles define the scope of what each individual can do, ranging from record-level work to administrative control across the organization.

Permission Types

Important Notes About Permissions

• Sharing limits apply to the sharer's own access level. Users who manage sharing cannot grant permissions higher than what they themselves have. For example, a Share Manager cannot elevate someone else to Full Manager.

• Removing a record from a folder is not the same as deleting it. Some roles can remove records from a folder without the ability to permanently delete them from the Vault entirely.

How Precedence Rules Work

When a user has permissions from multiple sources — for example, an inherited role from a parent folder and a direct role on a specific record — precedence rules determine which one applies.

The logic is straightforward:

• Direct permissions override inherited ones. A user who inherits "Viewer" access but is explicitly granted "Content Manager" on a specific record will have "Content Manager" access on that record.

• More specific assignments win. Record-level permissions override folder-level ones, which override inherited permissions from a parent.

End-User Experience

Create a Folder

To create a new folder, click Create New > Folder — no need to decide between a regular or shared folder, you will have the opportunity to share the folder once its been created. Select the folder location from the dropdown menu and enter the folder name.

Here you will have the option to use the Classic permission model by checking the box. This will limit sharing to basic access levels and can be used for compatibility with older workflows.

Classic and Nested Share folders are easily distinguished by two distinct folder icons — Nested Folders display as solid in color, while Classic folders appear with a transparent icon

Create Nested Subfolders

To create subfolders, right click on the parent folder and select New Folder, enter the folder name and click Create. You can create subfolders up to 5 levels deep with independent sharing configurations at each level.

Add Records

Once you've created the folder and any subfolders, you can begin adding records.

Add records by clicking the edit icon on the folder and adding them from the search bar dropdown menu.

Share & Set Permissions

To share at the record or folder level, with the record/folder selected, click the Share button and add users or teams from the search bar.

You can now begin assigning permissions to each user/team as you add them by right clicking on the dropdown icon next to each. Click here to learn about each permission type.

In addition to setting the permissions you can also take the following actions:

• Set Expiration: Set a date after which record/folder access is automatically revoked

• Remove Access: Immediately revoke a user's record/folder access entirely

Achieve a bulk permission change by checking the box next to the users/teams, clicking the Options dropdown menu that will appear and selecting the desired permission.

Click on a record within a folder to view all "Users with Access" and all "Shared Folders" the record resides in. This clarifies whether the record is shared from a parent folder through inheritance and/or from an individual folder lower in the hierarchy.

Record Deletion

Record deletion follows the same role-based permissions that control all other access in the vault. Only users with the appropriate permission level can delete records — ensuring that who can remove a record is governed by their role, not the folder system they're working in.

Rollout Approach

The rollout of Nested Shared Subfolders is designed to minimize disruption and maximize flexibility:

• The Classic folder system remains fully supported and operational during the transition period

• The Nested Share Subfolder system is available by request only at this time

• There is NO forced migration

• There is currently NO automatic conversion between Classic folders and Nested Share Subfolders

• Both systems can operate in parallel during the transition

This approach gives organizations the freedom to move at their own pace, while exploring Nested Share Subfolders when ready, without any pressure to abandon their existing vault workflows.

Roadmap

The Nested Share Subfolder feature is available through a "feature flag" that can be enabled by the Keeper support team. Over the coming weeks, we plan to gather customer feedback and roll out critical capabilities which include:

• Vault Transfer Policy

• Deletion and Restore

• Moving records

• Import

• One-Time Share

• Drag-and-Drop

• Migration from Classic shared folders

• iOS, Android, Browser Extension end-user application support

• Secrets Manager SDKs and integrations

Frequently Asked Questions