Enterprise End-User (SSO)

Create Your Keeper Account

Your Keeper vault is easy to create, simple to use and you’ll be up and running in just minutes. You can create and access your Keeper vault by either logging in directly from Keeper via an email invitation from your Keeper Administrator or from your SSO provider dashboard.

Create Your Account - Email Invitation

You may have received an email from your organization's Keeper Administrator inviting you to create a Keeper account with a subject line that reads: "Action Required >> Instructions for Your Keeper Security Account"

To create your Keeper account, click the yellow action button that by default says "Set Up Your Account Now", however, your organization may have chosen to customize the exact wording.

Since your Keeper account is deployed through your Single Sign-On Identity Provider (IdP) integration, you will automatically be routed to authenticate against your IdP if a current SSO session is not active.

Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault. Upon accessing your vault, you may receive a "Vault Transfer" acceptance dialog.

Next, you will be guided through a "Quick Start" walkthrough, that will help you either import passwords from your browser or other password manager (if enabled by your Keeper Admin) or manually create new records.

Create Your Account - SSO Dashboard

Alternatively, you can create your Keeper account by visiting your SSO provider dashboard. This is called "Identity Provider-initiated login". First, log in to your existing Single Sign-On identity provider as you normally do.

You will observe your Keeper administrator has integrated Keeper into your identity provider dashboard. Simply click the Keeper icon to launch the Keeper application.IdP-Initiated Login

You will be guided through a "Quick Start" walk through, that will help you either import passwords from your browser or other password manager (if enabled by your Keeper Admin) or manually create new records.

Login Flows

Once your Keeper account has been created, logging into your Keeper Vault is both easy and secure. Users can do so from either Keeper's vault login page or from their SSO provider dashboard.

Keeper Initiated Login

You can login to Keeper by entering either your email address or Enterprise Domain at Keeper's login page.

Login to your Keeper vault by region:

Email Address Login

From the Keeper vault login page, enter your email address and click Next

You will automatically be routed to your Identity Provider to sign in. Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault.

Enterprise Domain Login

From the Keeper vault login page, select Enterprise SSO Login > Enterprise Domain

Enter your Enterprise Domain and click Connect

You will automatically be routed to your Identity Provider to sign in. Once you have successfully authenticated to the IdP, you will be routed to your Keeper vault.

SSO Initiated Login

Log in to your existing Single Sign-On identity provider as you normally do.

Simply click the Keeper icon to launch the Keeper application and you will be routed to your Keeper vault.

Device Approvals

If you sign into Keeper on a new platform, you may encounter a "device approval" notification (SSO Cloud Users Only). If you are attempting to log in on an unrecognized device or browser, a device approval must take place before you can proceed to your Keeper vault. Users have two methods of approval to choose from, Keeper Push or Admin Approval.

If you select Keeper Push, a notification (push) will be appear in your vault at an approved device or browser. Select Yes to approve the new device.

Alternatively, if you select Admin Approval, your Keeper Admin will receive notification for approval. Once the device has been approved, you will be able to proceed to your Keeper Vault.