Keeper SSO Connect
Enhancing and extending Single Sign-On deployments with secure zero-knowledge password management and digital vault capabilities. Keeper SSO Connect integrates seamlessly with popular identity providers such as Azure, Okta, ADFS, Ping, JumpCloud and G Suite.
Keeper + SSO = 100% Coverage
If your organization already uses an SSO solution or is thinking of implementing one, you should pair it with Keeper's secure password manager. An SSO by itself has major functional and security gaps.
Keeper Fills the Security Gaps in SSO
When an SSO and Enterprise Password Management solution is used together, they cover secure authentication and end-to-end encryption across every cloud application, native application and further, the protection of metadata and files in a ubiquitous digital vault.
How Keeper SSO Connect Works
Keeper SSO Connect is a SAML 2.0-compatible service provider application that is compatible with all SSO identity providers. Users simply authenticate into the IdP and then seamlessly login to Keeper Password Manager.
Keeper's flexible node architecture, just-in-time provisioning and role-based access permissions allow admins to provision certain users through SSO and others through Master Password-based login.
- Provision users for either SSO or Master Password authentication
- Provide offline vault access when SSO is not available
- Dynamically provision vaults through SCIM
- Apply role-based access policies such as IP whitelisting and 2FA
- Keeper devices obtain SSO Connect URLs
- Keeper devices connect to Keeper SSO Connect service provider
- Keeper SSO Connect SP delegates authentication to identity provider
- Identity provider validates user
- Keeper devices obtain access to vault from service provider
- Key provided to device for decrypting vault