Overview
Simply by authenticating through your existing IdP, your employees gain access to all of the capabilities of the top-rated Keeper password management platform, including:
Secure digital vault that can be accessed from any device, running any OS
Automatic password generation & autofill on all devices
Works on any system, browser or app
Proprietary zero-knowledge encryption
This service does not require any on-premises or customer cloud-hosted services and there are no Master Passwords. Configuration is done directly between the IdP and Keeper's Admin Console.
To preserve Zero Knowledge, an Elliptic Curve public/private key pair is generated for each device. The private key on the device encrypts and decrypts the user's vault. Signing into a new device requires a key exchange that is processed by the new Keeper Push feature or approved by a designated Admin. Automated admin approvals can be configured in several different ways.
At a high level, setting up Keeper SSO Connect Cloud can be accomplished in 3 easy steps: 1. Configure SSO Connect on the Keeper Admin Console. 2. Enable and configure the Keeper Application within the IdP. 3. Add "Approve Devices" admin role permission to the designated Administrator
A new Admin Permission called "Approve Devices" allows an Administrator to perform device approvals. Admin Approvals can also be automated.
From an administrator's perspective, the cost, risk & labor saving benefits are significant:
Easy setup, all in one place in Keeper’s existing Admin Console.
No hosted software to integrate with their IdP
No additional server costs
No patching software
Eliminates a potential single point of failure
Available 24/7/365 on Keeper’s high availability systems
