⮐ Keeper Home
All Documentation
Admin Console
Getting Started
Start Your Trial
Resources
Quick Start Guide for Small Business Teams
Why Choose Keeper Enterprise
Implementation Overview
Domain Reservation
Deploying Keeper to End-Users
Keeper Admin Console Overview
Nodes and Organizational Structure
User and Team Provisioning
Manual Provisioning through the Admin Console
Custom Invite and Logo
Active Directory Provisioning
LDAP Provisioning
SSO - JIT (Just in Time) Provisioning and Authentication
Okta Provisioning with SCIM
Azure AD Provisioning with SCIM
G Suite Provisioning with SCIM
JumpCloud® Provisioning with SCIM
OneLogin Provisioning with SCIM
Microsoft AD FS Provisioning
API Provisioning with SCIM
Team and User Approvals
Email Auto-Provisioning
CLI Provisioning with Commander SDK
SSO / SAML Authentication
User Management and Lifecycle
Roles, RBAC and Permissions
Delegated Administration
Account Transfer Policy
Teams (Groups)
Folders and Shared Folders
Creating Vault Records
Importing Data
Two-Factor Authentication
Storing Two-Factor Codes
BreachWatch
Secure File Storage
SSH Connections
Reporting, Alerts & SIEM
Recommended Alerts
Webhooks (Slack & Teams)
Sarbanes-Oxley (SOX) Compliance
Vault Offline Access
Keeper MSP
Free Family License for Personal Use
Training and Support
IP Allow Keeper
Migrating User Vaults Between Regions
Password Recovery Via Vault Transfer
On-Prem vs. Cloud
Keeper Encryption Model
Developer Tools
Recommended Security Settings
End-User Guides
Use Cases
Login API
Docs Home
Powered by GitBook

CLI Provisioning with Commander SDK

Keeper Commander is an open-source Python SDK which can perform many vault and administrative functions within the Keeper system.

Keeper supports API-based provisioning through the use of our Python-based Keeper Commander SDK. The Keeper Commander SDK is open source Python code that is available for download from Keeper's Github Repository. The Commander SDK can assist in the following use cases:

  • Command line access to your Keeper vault

  • Importing passwords, folders and shared folder

  • Provisioning users and teams

  • Pushing records to users and teams

  • Sharing records and folders with users and teams

  • Performing targeted password rotation

  • Connecting to servers via SSH and RDP

Since Keeper Commander is an open source SDK and written in Python, it can be customized to meet your needs and integrated into your back-end systems.

For more information about Keeper Commander, visit: https://docs.keeper.io/secrets-manager/commander-cli/overview

Command-line Usage

Commander's command-line interface and interactive shell is a powerful and convenient way to access and control your Keeper vault and perform many administrative operations. To see all available commands, just type:

$ keeper
usage: keeper [--server SERVER] [--user USER] [--password PASSWORD]
              [--version] [--config CONFIG] [--debug]
              [command] [options [options ...]]
positional arguments:
  command               Command
  options               Options
optional arguments:
  --server SERVER, -ks SERVER
                        Keeper Host address.
  --user USER, -ku USER
                        Email address for the account.
  --password PASSWORD, -kp PASSWORD
                        Master password for the account.
  --version             Display version
  --config CONFIG       Config file to use
  --debug               Turn on debug mode

Interactive Shell

To run a series of commands and stay logged in, you will enjoy using Commander's interactive shell.

$ keeper shell
  _  __
 | |/ /___ ___ _ __  ___ _ _
 | ' </ -_) -_) '_ \/ -_) '_|
 |_|\_\___\___| .__/\___|_|
              |_|
 password manager & digital vault
Logging in...
Syncing...
Decrypted [400] Records
My Vault>

Type h to display all commands and help information.

Keeper Command Reference

Commander has hundreds of features. Specifically with regards to User and Team provisioning, the following commands are relevant:

  • create-user

  • enterprise-info

  • enterprise-node

  • enterprise-user

  • enterprise-role

  • enterprise-team

  • enterprise-push

  • team-approve

Example with create-user:

My Vault> create-user -h
usage: create-user [-h] [--name NAME] [--node NODE] email
Send an invitation to the user to join Keeper
positional arguments:
  email        email
optional arguments:
  -h, --help   show this help message and exit
  --name NAME  user name (enterprise only)
  --node NODE  node name or node ID (enterprise only)
My Vault> create-user --name "Mary Jane" [email protected]
User '[email protected]' create and added to the enterprise

Each command supports additional parameters and options. To get help on a particular command, use the -hflag.

Note: Some commands accept record or shared folder UID parameter. UID values may start with dash character (-) that is interpreted by command parser as an option. To pass a parameter starting with dash separate this parameter with two dashes (--). rmdir -- -Gd9l4daPw-fMd

For more Commander documentation, see the link below: https://docs.keeper.io/secrets-manager/commander-cli/overview

Previous
Email Auto-Provisioning
Next
SSO / SAML Authentication
Last updated 5 days ago