Not just on mobile! Push Approvals show as a pop-up prompt in your vault on a device that is already logged in.
Keeper Push is a method of approval that the user handles for themselves. Selecting "Keeper Push" will send a notification to the user's approved devices. For mobile and desktop apps, the push will show as a pop-up, and the user can simply accept the device approval.
Here's an example of Keeper Push approval using mobile as the approver device:
1) Select Keeper Push
2) User waits for the push approval to appear on the device in which they are already logged in.
3) User must be already logged into a different, previously approved device in order to receive the notification.
User Push Approval
Selecting "Admin Approval" will send the request to the Keeper Administrator with the "Approve Devices" permission. The Admin can perform the approval through the Admin Console "Approval Queue" screen or by being logged into the Admin Console at the time of the request.
1) User selects "Admin Approval"
2) User waits for approval or comes back later
3) Administrator logs into the Admin Console and visits the Approval Queue
4) Admin reviews the information and approves the device
Device Approval Screen
Select the device to approve and then click "Approve". If the user is waiting, they will be instantly permitted to login. Otherwise, the user can login at a later time without any approval (as long as they don't clear out their web browser cache or reset the app).
A special role permission called "Approve Devices" provides a Keeper Administrator the ability to approve a device.
(1) Go to Roles within the root node or the SSO node
(2) Select the gear icon to control the Admin Permissions for the selected role.
(3) Assign "Approve Devices" permission
Now, any user added to this role is able to login to the Admin Console to perform device approvals.