Keeper Security 

Keeper Security Configuration 

Configure IdP & SP 

Keeper Security is integrated with Ironchip via SAML protocol. In order to do this integration, both parties, i.e. Keeper security and Ironchip must have their SAML parameters configured, in this case Ironchip will work as a Identity Provider and Keeper Security will be constituted as a service provider.

To begin with the integration, proceed to create a new SAML service in the Ironchip Dashboard, look for the application section in the left menu and create a new custom application of type SAML giving it a descriptive name.

createGroup

To obtain SP Metadata file, locate your SSO Connect Cloud Provisioning method within the Keeper Admin Console, and select View. From there you have access to download the Keeper metadata. file.

saml-view

Upload metadata file to a public Internet direction and provide the URL by adding it to the Metadata URL field in the Add new service dialog.

Then, download the metadata file by clicking on the lower left button of the dialog.

createGroup

When you have downloaded the Ironchip IdP metadata file, head back to the Keeper Admin console, locate your SSO Connect Cloud Provisioning method and select Edit.

saml-edit

Scroll down to the Identity Provider section, set IDP Type to GENERIC, select Browse Files and select the Metadata file you downloaded.

saml-metadata

Users attributes 

Keeper requires that you map specific User Attributes to be sent during authentication. Default Keeper SSO Connect Cloud User Attributes are Email, First and Last, but with Ironchip you only need the user’s Email with this attribute urn:oid:0.9.2342.19200300.100.1.3