Latest Updates

Up to date information about the latest releases and known issues in production.

The Keeper Team has fixed several issues related to the Keeper 15.0 Login API release. Status of each item is reported below.

Note: Please ensure that you are logging into the correct Data Center where your account is located. Vault US: EU: Console US: EU:

Known Issues, To Be Fixed

  • EM-4405: Some users can't login to Admin Console using SSO on Edge Browser. Use Chrome if encountering this issue.

  • KA-3279: Users moved from a non-SSO node into an SSO Cloud node are not be able to migrate and approve their device. ETA Week of 9/17

  • EM-4391: Logging into the Admin Console with SSO and Duo Push is not working correctly. Please use the Duo SMS option temporarily. ETA Week of 9/17

  • EM-4403: The Admin Console login will not work if web sockets (wss:// network requests) are being blocked by your network provider or proxy. In Chrome, go to the Developer Tools > Console and you can see if the requests are being blocked. This causes the Admin Console to be unresponsive. If this is occurring to you, please contact your IT team to unblock web socket communications to the following destinations: ETA Week of 9/17

Recent Fixes - Published on Sept 11, 2020

  • KA-3323: Random connection errors when using Duo. Refreshing the vault page resolves it temporarily. FIXED

  • KA-3311: Android family plan management screen is not functioning. FIXED

  • VAUL-4428: Vault logs out before the extension and causes an error when trying to save or create a new record. FIXED

  • KA-3280: Logging in from Extension then opening vault prompts for 2FA again. FIXED

  • KA-3274: Changing email was sending users to a page with content that wasn't clear. FIXED

  • DAT-4401, KA-3289: The "Email Provisioning" method is not working. FIXED

  • KA-3294: "Error response code auth_failed" message - users with logout timer enforcements are being logged out too soon on the Web Vault (the Web Vault is currently using the logout timer setting for the Desktop) in the Admin Console settings. FIXED

  • KA-3221: "Change Email" issues are being resolved for consumer users. FIXED

  • KA-3232: Duo users who require enrollment after a device change are not being prompted for enrollment during login. FIXED

  • VAUL-3291: Deep linking into the Web Vault for a particular Record UID is taking a long time to load. FIXED

  • VAUL-4394: Very old Safari versions (10.x) are not able to login. FIXED

  • KA-3283: SCIM PUT will delete an invited user. FIXED

  • KA-3290: SSO Cloud user not identified in account information screen FIXED

  • VAULT-4397: If permitted, allow SSO user to change their email. FIXED

  • VAULT-4396: Remove IP device verification for SSO Cloud Users (doesn't apply). FIXED

  • VAUL-4399: User in "Blocked" invitation state not able to login with SSO. FIXED

  • VAUL-4401: First time login on a fresh Firefox window from the browser extension fails, forcing user to reload page. FIXED

  • VAUL-4384: Remove double-2FA entry during Keeper Push process on SSO Cloud. FIXED

  • VAUL-4408: "record open" events are being sent repeatedly from the Web Vault in certain scenarios, causing a large spike in events appearing in the event logs. FIXED

  • KA-3300: Customers who set up 2FA using a phone number starting with a "0" are not receiving text messages at login. FIXED

  • KA-3285: "login token does not match device" is occurring for a few customers randomly when typing in the 2FA code. This can be resolved by ensuring that cookies and local storage are not disabled on the browser. Aggressive private browsing mode can cause this issue, or group policies that restrict local storage. FIXED

Recent Improvements - Published Sept 11, 2020

  • KA-3236: ARAM event will now be generated if an admin approval is required (for SSO Connect Cloud)

  • KA-3237: ARAM event will now be generated if the Enterprise is out of licenses

  • KA-3263: New backend enforcement policy allows Enterprise customers to completely disable account recover (security question & answer) for specified roles.

SSO Connect Cloud - Availability

  • SSO Connect Cloud only supports Web Vault and Admin Console currently.

  • The way we implemented Admin Device Approvals is changing to remove the requirement of having Vault Transfer enforcement applied. Instead, there will be a new Administrative Permission specifically for Admin Device Approvals. ETA 9/17 For now, Admin Device Approvals are supported on Keeper Commander. Additional instructions for using Keeper Commander for device approvals will be posted here. Commander will be updated to include the new Admin Permission. ETA 9/17

Need Help?

If you require assistance, please contact consumer or business teams below:

Consumer support email:

Business support: