Feature: Shared Team Folders

Simplify and secure collaboration with shared team folders

Whether you're managing a DevOps team, a customer support group or a finance department, shared team folders enable easy sharing without compromising visibility or control.

Start Free Trial

Keeper Vault interface showing the “Office Information” shared folder selected, with the Edit Shared Folder panel open and user permissions dropdown visible.

How shared team folders work

Create a shared folder

From your vault, select Create New > Shared Folder, name the folder and save.

Assign teams of individuals

Use the Manage Users & Records screen to add team members and assign granular permissions.

Add or organise records

Add login credentials, secure notes, files or secrets to the shared folder. Organise using subfolders as needed.

Enforce access policies

Use role-based enforcements to restrict actions like editing or re-sharing.

Monitor and audit activity

Admins can track access and changes in real time, supporting audits and internal security reviews.

Built for collaboration without compromise

Flexible folder hierarchy

Create structured folders and subfolders to align with departments, projects or client groups. Easily scale as your organisation grows.

Keeper Vault list showing the Accounting & Finance Department folder with subfolders and records including Billing Software, Oracle, QuickBooks, Banking, and Google.

Shared folder users list showing Finance Department and individual users, with a permissions dropdown open displaying Permissions options.

Multi-user permissions management

Easily assign teams to shared folders and enforce restrictions like "Can Manage Users," "Can Manage Records", "Can Manage Users & Records" or "No User Permissions" to control access behavior.

Role-based access enforcement

Use Keeper's Role-Based Access Controls (RBAC) to enforce who can create, modify, share or delete content within shared folders. Enforcements are managed centrally from the Admin Console.

Permissions settings panel showing checked options to create and duplicate records, create folders and shared folders, upload files, and generate two-factor codes.

SCIM and directory sync support

Automatically create users, teams and role assignments using SCIM provisioning from platforms like Azure AD, Okta, Google Workspace and more. When an employee changes roles or leaves the organisation, removing them from a team or role instantly revokes access to all shared folders.

Just-In-Time Access

Grant on-demand, time-limited access to records and folders, and automatically rotate credentials once access is revoked.

Access Expiration settings showing a one-hour expiration, scheduled end date and time, password rotation enabled, and email notification on expiration.

Frequently asked questions

Can I restrict editing or sharing of records in a shared team folder?

Yes, admins can set folder-level and record-level permissions, including view-only, edit, share and manage. These can be tailored per user or team.

Can I share a record with multiple teams?

Yes, the same record can be placed in multiple shared folders or subfolders that are assigned to different teams.

What happens when a user is removed from a team?

If a user is removed from a team that has access to a shared team folder, their access to that folder is automatically revoked. This helps maintain tight access control during employee transitions.

Is activity in shared team folders logged?

Yes, all activity within shared team folders, including access, edits, shares and deletions, is logged and available through Keeper's Advanced Reporting & Alerts Module.