Keeper Documentation Portal

Home

• Keeper Documentation: End-User Guides, Administrator Guides and Release Notes for All Keeper Products and Services

User Guides

• Keeper End-User Guides: Guides for consumer and business end-users on desktop and mobile devices.
• System Requirements: The system requirements for Keeper applications are listed below.
• Quick Start Guides: The following Quick Start Guides will walk you through the setup steps and main features of Keeper for Web Vault & Desktop App, iOS, and Android.
• Web Vault & Desktop App: This Quick Start Guide will walk you through the setup steps and main features of the Keeper Web Vault & Desktop App, linking additional resources throughout for more detailed instructions.
• iOS - iPhone & iPad: This Quick Start Guide will walk you through the set up steps and main features of the Keeper iOS App, linking additional resources throughout for more detailed instructions.
• Android - Phone & Tablet: This Quick Start Guide will walk you through the setup steps and main features of Keeper's Android App, linking additional resources throughout for more detailed instructions.
• Enterprise End-User: This end-user guide was created for Enterprise customers who login to Keeper using a Master Password.
• Enterprise End-User (SSO): This end-user guide was created for Enterprise customers who deploy Keeper through an existing Single Sign-On Identity Provider (IdP) such as Azure, ADFS or Okta.
• Web Vault & Desktop App: A comprehensive guide for the Keeper Web Vault and cross-platform, Keeper Desktop Application.
• Browser Extensions: User guides for the KeeperFill Browser Extension for Chrome, Firefox, Safari, Microsoft Edge, Opera and other Chromium-based browsers.
• Install for Chrome: Installation instructions for KeeperFill for Chrome, Brave and other Chromium-based browsers.
• Install for Firefox: Installation instructions for KeeperFill for Firefox.
• Install for Safari: Installation and usage instructions for the KeeperFill extension on Safari.
• Install for Edge: Installation instructions for KeeperFill for Edge.
• Install for Opera: Installation instructions for KeeperFill for Opera.
• Enterprise Deployment: Deploying the Browser Extension through group policy
• KeeperFill for Apps: This guide provides an overview of the main features of KeeperFill for Apps, a convenient tool used to enhance your experience using the Keeper Desktop App on Mac and Windows OS.
• iOS - iPhone & iPad: A comprehensive guide for Keeper for Apple iOS (iPhone, iPad) devices.
• Autofill & Passkey Setup for iOS: Setup guide for Keeper's autofill & passkey features, KeeperFill for Apple iOS (iPhone, iPad) devices.
• Android Phone & Tablet: Comprehensive guide for Keeper on Android phones and tablets.
• Autofill & Passkey Setup for Android: How to Set Up Autofill on Android
• Record Types: How to create and manage new types of records in your vault
• Sharing: With Keeper's powerful record sharing capabilities, users can securely share their records and folders with family, friends, co-workers and others across all devices, with ease.
• Nested Share Subfolders: Coming Soon With Early Access Available by Request
• Time-Limited Access: Time-Limited Access allows you to securely share records and folders with other Keeper users on a temporary basis.
• One-Time Share: Time-limited secure sharing of a record with anyone even if they don't have a Keeper account.
• Self-Destructing Records: Self-Destructing Records allow you to share records with users outside of Keeper, while automatically deleting the record from your vault and disabling the share link at specified time.
• Vault Offline Access: Offline access is a common use case for users who require vault access in poor network conditions.
• Security Audit: Security Audit provides password security strength reporting in your vault.
• BreachWatch: User guide for BreachWatch on Keeper's Web Vault & Desktop App.
• Secure File Storage: User guide for Keeper's Secure File Storage for Web Vault & Desktop App, iOS and Android.
• Emergency Access: Give trusted family and friends access to your Keeper Vault.
• Keeper Family Plan: This guide provides an overview of Keeper's Family Plan, including how to sign up, invite family members and accept account invitations.
• KeeperChat: This guide provides a look at the benefits and features of KeeperChat, Keeper's secure messaging solution.
• Notification Center: The notification center consolidates important in-app messages for the Keeper platform
• Passkeys: How to store and manage your passkeys with Keeper
• Keeper Forcefield: End-user guide for Keeper Forcefield - Windows Endpoint Protection for Sensitive Data
• Troubleshooting: This guide provides basic troubleshooting solutions to some of the more common questions users may have.
• Reporting Autofill Issues: How to report autofill issues to Keeper
• Troubleshoot Extension Issues: Steps to provide Keeper Support with Browser Extension debug information.
• Troubleshooting Vault Issues: Troubleshooting instructions for troubleshooting vault issues.
• Master Password Reset & Account Recovery: How to recover your Keeper account
• Hardware Security Keys on Mobile: Support for FIDO2 security keys on Keeper for mobile devices.
• Clearing Your Browser Cache: Clear the browser and extension cache to reset Keeper on your device using Keeper's browser extension tool.
• Website Developers: Helpful info for website developers
• Tips & Tricks: This guide provides access to our top "tips & tricks" and assists users in optimizing their experience with Keeper on both desktop and mobile devices.
• Protecting your Keeper Vault: Recommendations for protecting access to your vault
• Stay Logged In: This guide reviews how to enable the new Stay Logged In feature and extend your Logout Timer setting.
• Protecting TOTP Codes: Keeper protects TOTP codes for multi-factor authentication into sites and services.
• Using Keeper TOTP with Azure or Office 365: How to use Keeper to manage TOTP codes for protecting your Office 365 accounts.
• Changing Passwords Using KeeperFill
• Free Family License for Personal Use: This guide provides an overview of how Enterprise and Business users can create a free, Keeper Family Plan and once created, how to easily switch between their Keeper accounts.
• One Record with Multiple URL Domains
• KeeperFill Right-Click Context Menu
• Keyboard Shortcuts
• Resetting Keeper Desktop App: Learn how to reset Keeper on Mac and Windows.
• Log In to Keeper With Windows Hello: How to configure Keeper Desktop with Windows Hello biometric login.
• Login to Keeper on macOS with Touch ID: How to login to Keeper with Touch ID on your Mac
• Using Windows Hello or Touch ID with SSO: Logging in with Windows Hello to a vault tied to SSO.
• Logging in with DUO: User guide for Enterprise customers who login using DUO for Two-Factor Authentication.
• Social Media Management: This guide will review Keeper's most common use cases for social media management.
• Use Cases: This document covers the most common use cases for the Keeper Enterprise product.
• Uninstall Keeper: Instructions for how to uninstall Keeper.
• Import Overview: Import Passwords, Folders and Shared Folders into Keeper
• Import from Mobile Apps: Keeper supports password import from iOS and Android devices.
• Import from Chrome, Firefox, Edge, Safari: Instructions on how to import your passwords from popular browsers.
• Import from Chrome via Export: This guide details how to manually export saved passwords from Chrome and import them to Keeper.
• Import Text File (.csv, .xls, .tsv): Instructions on how to import from a text file.
• Import/Export Keeper JSON: Instructions on how to import and export a Keeper JSON structured file
• Import from 1Password: Instructions on how to import your passwords from 1Password to Keeper
• Import from Avast: Instructions on how to import your passwords from Avast Passwords to Keeper
• Import from Bitwarden: Instructions on how to import your passwords from Bitwarden to Keeper
• Import from CyberArk: Import Accounts from CyberArk Safes using Microsoft PowerShell and the CyberArk PACLI utility.
• Import from Dashlane: Instructions on how to import your passwords from Dashlane to Keeper
• Import from EnPass: Instructions on how to import your passwords from EnPass to Keeper
• Import from Kaspersky: Instructions on how to import your passwords from Kaspersky to Keeper
• Import from KeePass (.kdbx): Instructions on how to import passwords from KeePass encrypted .kdbx files to Keeper
• Import from KeePass .XML: Instructions on how to import your passwords from KeePass .XML to Keeper
• Import from LastPass: Instructions on how to import your passwords from LastPass to Keeper
• Import from MacPass: Instructions on how to import your passwords from MacPass to Keeper
• Import from mSecure: Instructions on how to import your passwords from mSecure to Keeper
• Import from MyKi: Instructions on how to import your passwords from MyKi to Keeper.
• Import from Passpack: Instructions on how to import your passwords from Passpack to Keeper.
• Import from Passportal: Instructions on how to import your passwords from Passportal to Keeper
• Import from Password Boss: Instructions on how import your password from Password Boss to Keeper
• Import from Proton Pass: Instructions on how to import passwords from Proton Pass to Keeper
• Import from Psono: Instructions on how to import your passwords from Psono to Keeper
• Import from RoboForm: Instructions on how to import your passwords from RoboForm to Keeper
• Import from Safari via Export: This guide details how to manually export saved passwords from Safari and import them to Keeper.
• Import from SplashID: Instructions on how to import your passwords from SplashID to Keeper
• Import from Sticky Password: Instructions on how to import your passwords from Sticky Password to Keeper.
• Import from True Key: Instructions on how to import your passwords from True Key to Keeper.
• Import from ZOHO: Instructions on how to import your passwords from ZOHO to Keeper.
• Import from Commander CLI: Automated import through the Keeper Commander CLI
• Microsoft Store App
• Vault Export: Export and Reporting Capabilities
• Shared Records Report: Audit your Shared Records

Enterprise and MSP Guide

• Keeper Enterprise and MSP Guide: Keeper is the leading zero-trust and zero-knowledge identity security and Privileged Access Management (PAM) platform
• Start Your Trial: Creating a trial of Keeper Business and MSP
• Keeper for Teams and Small Business: This quick start guide will help get your small business team up and running with Keeper Business in just minutes
• Keeper Enterprise: Keeper is a cybersecurity platform for preventing password-related data breaches and cyberthreats.
• Subscriptions: Keeper's Subscriptions tab in the Admin Console gives eligible administrators the ability to manage, purchase, and upgrade their organization's Keeper licenses directly — without leaving the console.
• Resources: Resources for getting started with Keeper Business and Enterprise edition
• Keeper Encryption and Security Model Details: The full details of Keeper’s encryption and security model are outlined below, with block diagrams, implementation details and additional resources.
• Implementation Overview: High level steps for successful rollout of Keeper Enterprise
• On-Prem vs. Cloud: Which components of Keeper are on-premise versus Cloud-based?
• Domain Reservation: Reserve the use of domains for privacy and security
• Keeper Admin Console Overview: The Keeper Admin Console provides administrative controls, user onboarding, reporting and auditing.
• Nodes and Organizational Structure: Keeper's node architecture scales for organizations of all sizes
• User Management and Lifecycle: Managing users and lifecycles in the Keeper Admin Console
• User and Team Provisioning: User provisioning is flexible and powerful with Keeper Enterprise
• Custom Invite and Logo: Configure a custom invite email and logo before inviting users
• Custom Email - Markdown Language
• Simple Provisioning through the Admin Console: Provision users and create teams from the Keeper Admin Console.
• Active Directory Provisioning: Keeper AD Bridge supports automatic provisioning of nodes, roles, teams and users across any size Active Directory environment.
• LDAP Provisioning: Keeper AD Bridge supports automatic provisioning of nodes, roles, teams and users from any LDAP service.
• SSO JIT (Just-in-Time) Provisioning: Keeper supports just-in-time automatic provisioning and seamless authentication with any identity provider
• API Provisioning with SCIM: Keeper supports direct SCIM API provisioning for any 3rd party identity provider
• Using SCIM API Provisioning: This page contains information on how to use Postman, a popular API platform to provision your users into your Keeper tenant.
• Okta Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with the Okta platform.
• Entra ID / Azure AD Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with the Azure AD / Entra ID platform.
• Google Workspace Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with the Google Workspace platform.
• JumpCloud Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with JumpCloud
• CloudGate Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with CloudGate UNO
• OneLogin Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with the OneLogin platform.
• Microsoft AD FS Provisioning: Keeper supports SAML 2.0 Authentication and SCIM provisioning with Microsoft AD FS
• Team and User Approvals: Manual and Automated approval of SCIM or Bridge-provisioned Users & Teams
• Email Auto-Provisioning: Basic provisioning of users based on email address
• CLI Provisioning with Commander SDK: Keeper Commander is an open-source Python SDK which can perform many vault and administrative functions within the Keeper system.
• Deploying Keeper to End-Users: Methods for deploying the Keeper app to end-user devices.
• Desktop Applications: Methods for deploying Keeper to user desktops
• Launch on Start Up: You can launch the Keeper Password Manager automatically when you start your computer.
• Forcefield: Deploying the Forcefield endpoint protection software to users
• Browser Extension (KeeperFill): KeeperFill makes it easy to login, save passwords and access your vault on web browsers.
• Mac: Deploying KeeperFill to macOS devices using device management platforms
• PLIST (.plist) Policy Deployment: Deploying KeeperFill to Chrome via PLIST Policy
• Kandji: Deploying Keeper Browser Extension via Kandji
• Jamf Pro Policy Deployment - Chrome: Deploying Custom Configuration Profiles using Jamf Pro
• Microsoft Intune Policy Deployment - Chrome: Deploying Custom Configuration Profiles using Microsoft Intune
• Linux: Deploying KeeperFill to Linux devices using device management platforms
• JSON Policy Deployment - Chrome: Deploying KeeperFill via JSON Policy
• Windows: Deploying KeeperFill to Windows devices using device management platforms
• Intune - Chrome: Deploy the Keeper browser extension to Google Chrome using Microsoft Intune
• Intune - Edge: Deploy the Keeper browser extension to Microsoft Edge using Microsoft Intune
• Group Policy Deployment - Chrome: Deploying KeeperFill via Group Policy
• Group Policy Deployment - Firefox: Deploying KeeperFill via Group Policy
• Group Policy Deployment - Edge: Deploying KeeperFill via Group Policy
• SCCM Deployment - Chrome: This page describes how to deploy the Keeper Browser Extension with SCCM
• Edge Settings Policy: Configuration settings for Edge Browser Extension
• Chrome Settings Policy: Configuration settings for Chrome Browser Extension
• Virtual Machine Persistence: Persisting KeeperFill settings on virtualized desktops
• Mobile Apps: Deployment of mobile apps through Intune
• IBM MaaS360: Deploy Keeper to mobile phones
• Optional Deployment Tasks: Other Policy Driven Deployment Tasks
• IE11 Trusted Sites: Policy Requirements for IE11 Trusted Sites
• End-User Guides: Links to end-user guides for mobile and desktop devices.
• SSO / SAML Authentication: Federate login to Keeper with any SAML 2.0 compatible identity provider (IdP)
• Two-Factor Authentication: Keeper provides several 2FA options that can be enforced at the role level.
• Delegated Administration: Overview of role-based Administrative Permissions
• Roles, RBAC and Permissions: Keeper's Least-Privilege Role permissions are both flexible and powerful.
• Enforcement Policies: Role Enforcement Policies
• Security Keys: Additional information regarding FIDO2 Security Keys in Keeper
• Teams (Groups): Keeper Teams allow you to share privileged accounts among pre-defined user groups
• Email Address Changes: Best practices for handling end-user email changes in bulk
• Account Transfer Policy: Transfer the contents of a vault to another Keeper user
• Creating Vault Records: How to create, manage, import and export data in your Keeper vault
• Storing Two-Factor Codes: Keeper provides encrypted 2FA code storage for websites and applications.
• Record Types: How to create and manage new types of records in your Vault
• Importing Data: Importing passwords and other private information into your Keeper Vault
• Sharing: Business users can securely share their records and folders with co-workers, contractors and partners across all devices
• Record and File Sharing: Individual record and file sharing and ownership transfer in the Keeper Vault
• Classic Folders: Private folder and shared team folders in the Keeper Vault
• Nested Share Subfolders: Coming Soon With Early Access Available by Request
• PAM Resource Sharing: Sharing access to servers, databases, workloads and web applications with Keeper
• One-Time Share: Time-limited secure sharing of a record to anyone without having to create a Keeper account
• Share Admin: Elevated rights to Shared Folders and Records
• Time-Limited Access: Time-Limited Access allows you to securely share records, folders and PAM resources with other Keeper users on a temporary basis.
• Self-Destructing Records: Self-Destructing Records allow you to share records with user's outside of Keeper, while automatically deleting the record from your vault and disabling the share link at specified time
• Hiding Passwords: Methods of hiding passwords from end-users in the Keeper platform
• Secure File Storage & Sharing: Secure File Storage and sharing capabilities for Enterprise and public sector
• Vault Offline Access: Offline access is a common use case for organizations who require vault access in poor network conditions or when SSO is unavailable.
• Risk Management Dashboard: Enhanced Risk Visibility With Keeper’s Risk Management Dashboard
• Security Audit: Password security strength reporting in the Admin Console
• Security Audit Score Calculation: Information on how the security scoring is calculated in the Admin Console
• BreachWatch (Dark Web Monitoring): Zero-knowledge dark web breach scanning for Keeper Enterprise
• Reporting, Alerts & SIEM: Keeper's Advanced Reporting and Alerts Module (ARAM) provides advanced event logging to meet compliance requirements.
• Event Descriptions: Detailed ARAM Event Logs with Example data
• AWS S3: Integrating Keeper SIEM push to an Amazon S3 bucket endpoint
• Microsoft Sentinel
• Microsoft Sentinel with Azure Marketplace: Quick setup instructions for integrating Keeper SIEM events with Microsoft Sentinel through the Azure Marketplace
• Azure Monitor for Microsoft Sentinel (for GovCloud): Integration of Keeper ARAM events with Azure Monitor
• Legacy Azure Sentinel: Integrating Keeper SIEM event pushes to Azure Sentinel and Log Analytics
• CrowdStrike Falcon Next-Gen SIEM: Integrating Keeper SIEM push to Crowdstrike Falcon Next-Gen SIEM
• Datadog: Integrating Keeper SIEM push to Datadog
• Devo: Integrating Keeper SIEM push to Devo
• Elastic: Integrating Keeper SIEM push to Elastic
• Exabeam (LogRhythm): Integrating Keeper SIEM push to Exabeam
• Google Security Operations (Chronicle): Integrating Keeper SIEM push to Google Security Operations (formerly Chronicle)
• Jira ITSM: Automated security incident management for Jira to convert Keeper Security alerts into actionable tickets.
• Logz.io: Integrating Keeper SIEM push to Logz.io
• QRadar: Integrating Keeper SIEM event pushes to IBM QRadar
• ServiceNow ITSM: Secure ingestion of security and incidents alerts into ServiceNow SIR
• Splunk: Integrating Keeper SIEM push to Splunk Enterprise
• Sumo Logic: Integrating Keeper SIEM push to Sumo Logic
• Syslog: Integrating Keeper SIEM push to standard Syslog endpoints
• Firewall Configuration: Ingress Requirements for direct SIEM push
• On-site Commander Push: SIEM event push to local or on-prem endpoints using Keeper Commander
• Recommended Alerts: Best Practices and Recommended Alerts for Advanced Reporting System
• Compliance Reports: Compliance Reports provide on-demand visibility of the access permissions associated with your enterprise records.
• Keeper Security Benchmarks and Recommended Security Settings: Administrative recommendations for Keeper Security policies and settings
• Keeper IPs: IP Allow lists for Keeper network communications
• Integrations: Technology and security integrations with Keeper Enterprise and KeeperPAM
• Webhooks: Integrate Keeper Webhook events into Slack, Microsoft Teams and other cloud services.
• Slack Webhooks: Send Keeper advanced reporting and alert notifications to Slack
• Teams Webhooks: Send Keeper advanced reporting and alert notifications to Microsoft Teams
• Amazon Chime Webhooks: Send Keeper advanced reporting and alert notifications to Amazon Chime chats
• Discord Webhooks: Send Keeper advanced reporting and alert notifications to Discord
• Commander CLI: Keeper Commander CLI and SDK overview
• Developer API / SDK Tools: Keeper maintains a robust open source SDK for many command-line, integration and DevOps use cases.
• Authentication Flow V3: Version 3 of Keeper’s login and authentication flow: Advanced Authentication and Vault Security
• Secrets Manager: Manage and protect your cloud infrastructure with zero-trust and zero-knowledge security.
• Keeper Connection Manager: Instantly access your infrastructure with zero-trust security
• KeeperPAM: KeeperPAM (Privileged Access Management) secures and manages access to your critical resources, including servers, web apps, databases and workloads.
• Just-In-Time Workflow: Workflow gives organizations enterprise-grade control over privileged access — enforcing approvals, time-bound limits, and automatic credential rotation to achieve zero standing privilege.
• Keeper Forcefield: Enterprise Guide for Forcefield - Endpoint Protection for Sensitive Data
• KeeperChat: The world's most secure messaging app for all of your devices.
• Keeper MSP: Keeper MSP is the most secure cybersecurity and password management platform for preventing password-related data breaches and cyberthreats.
• Free Trial: Sign up for a free Keeper MSP trial license
• Getting Started: Quick start guide for Keeper MSP
• Fundamentals
• Consumption-Based Billing: Keeper's unique billing platform will track your account’s daily license usage and bill you monthly, in arrears.
• Secure Add-Ons: Keeper's Secure Add-Ons provide comprehensive visibility, security and control, all within one unified platform - with zero-trust and zero-knowledge security.
• Existing MSP Admins: This page will guide existing MSPs as they migrate to our upgraded platform with new features and billing improvements.
• Onboarding: Keeper MSP Onboarding Process
• PSA Billing Reconciliation: Reconcile your Keeper and PSA Billing with Gradient MSP
• Join the Slack Channel: Join the Keeper Slack Channel
• Next Steps: Keeper MSP - Where to go from here
• Offboarding: Deletion or Isolation of Managed Companies
• Commander CLI/SDK: Keeper Commander CLI for Managed Service Providers
• Account Management APIs: APIs for MSPs and Distributors to manage accounts
• MSP Best Practices: Keeper MSP Best Practices and General Recommendations
• Migrating from LastPass: Keeper has created tools to assist in migration from LastPass to Keeper.
• Free Family License for Personal Use: Enterprise users can create a free Keeper Family Plan and easily switch between their business and personal Keeper account
• Provision Family plans via API: API access to creating free family plans associated to a business account
• Provision Student plans via API: A Guide for Universities with Keeper Enterprise
• API Troubleshooting
• API Parameters
• API Response Codes
• API Explorer - Swagger
• Training and Support: Keeper is customer-focused and we are fanatical about support.
• Keeper SCORM Files for LMS Modules: Step-by-step instructions to import Keeper SCORM files into your Learning Management System (LMS).

KeeperPAM and Secrets Manager

• KeeperPAM: KeeperPAM is a modern, cloud-based Privileged Access Manager
• Setup Steps: Accessing the KeeperPAM platform
• Quick Start: Sandbox: Quickly and easily get started with a pre-configured PAM setup in your vault
• Getting Started: Getting Started with KeeperPAM fundamentals
• Architecture: Technical details on the KeeperPAM platform architecture
• Architecture Diagram: Keeper Password Rotation architecture diagram and data flow
• Vault Security: Security and encryption model of the Keeper Vault
• Router Security: Security and encryption model of the Keeper Router
• Gateway Security: Security and encryption model of the Keeper Gateway service
• Connection and Tunnel Security: Security and encryption model of Connections and Tunnels
• KeeperPAM Licensing: Features included with the PAM License
• Enforcement Policies: Role-based enforcement policy settings for KeeperPAM
• Vault Structure: Understanding the Keeper Vault structure and organization for KeeperPAM
• Record Linking: KeeperPAM migration of records to new linked format
• Applications: Secrets Manager Applications with KeeperPAM
• Devices: Keeper Secrets Manager Devices with KeeperPAM
• Gateways: Installation and setup of the Keeper Gateway
• Creating a Gateway: Creating a Keeper Gateway
• Gateway with Docker: Instructions for installing Keeper Gateway on Docker
• Gateway with Podman: Instructions for installing Keeper Gateway on Podman
• Gateway on Linux Native: Instructions for installing Keeper Gateway on Linux with native packages
• Gateway on Windows: Instructions for installing Keeper Gateway on Windows
• Gateway on Azure Container Instance: Instructions for installing Keeper Gateway on an Azure Container Instance
• Gateway on Azure Container App: Azure Container Apps (ACA) provides a serverless, managed platform for the Keeper Gateway, offering native High Availability (HA) and built-in secret encryption.
• Gateway on AWS ECS: Instructions for installing Keeper Gateway on an AWS ECS
• Auto Updater: Instructions for installing and configuring the Auto Updater for the Keeper Gateway.
• Scaling and High Availability: Enable HA Scaling on the Keeper Gateway
• Sharing Gateways: Sharing the Keeper Gateway with other admins
• Alerts and SIEM Integration: Monitoring Gateway events and integrating with your SIEM
• Health Checks: Monitoring the Keeper Gateway using health checks
• Gateway Environment Variables: Supported environment variable for the Keeper Gateway
• Advanced Configuration: Advanced Keeper Gateway Configurations
• Gateway Configuration with AWS KMS: Storing and protecting the Keeper Gateway Configuration using AWS KMS
• Gateway Configuration with Custom Fields: Advanced configuration of the Keeper gateway with Keeper Vault custom fields
• Proxy Configuration: Configure Keeper Gateway to route traffic through corporate HTTP/HTTPS proxy servers for air-gapped or restricted network environments.
• PAM Configuration: Creating a PAM Configuration in the Keeper Vault
• AWS Environment Setup: Setting up your AWS environment to work with KeeperPAM
• Azure Environment Setup: Setting up your Azure environment to work with KeeperPAM
• Google Cloud Environment Setup: Setting up your Google Cloud environment to work with KeeperPAM
• Local Environment Setup: Setting up your Local environment to work with KeeperPAM
• PAM Resources: Guide for using PAM Resource Records in the Keeper Vault for privileged access functionality.
• PAM Machine: KeeperPAM resource for managing machines on-prem or in the cloud
• Example: Linux Machine: Configuring SSH Server as a PAM Machine Record
• Example: Azure Windows VM: Configuring an Azure Windows VM as a PAM Machine Record
• PAM Database: KeeperPAM resource for managing databases either on-prem or in the cloud
• Example: MySQL Database: Configuring MySQL DB as a PAM Database Record
• Example: PostgreSQL Database: Configuring PostgreSQL DB as a PAM Database Record
• Example: Microsoft SQL Server Database: Configuring Microsoft SQL Server DB as a PAM Database Record
• PAM Directory: KeeperPAM resource for managing directory services, either on-prem or in the cloud
• PAM Remote Browser: KeeperPAM resource for managing remote browser isolation access to a protected web application
• PAM User: Record Type Details for PAM User Record Type
• SaaS Configuration: Automatically rotates credentials for supported cloud-based services.
• Access Controls: KeeperPAM Access Control Implementation
• Password Rotation: Keeper password rotation capabilities with Keeper Secrets Manager
• Rotation Overview: Quick start guide to Keeper Password Rotation
• Rotation Use Cases: Step by step guides for performing rotation on any target system
• Local Network: Password Rotation in the Local Network Environment
• Active Directory or OpenLDAP User: Rotating Active Directory or OpenLDAP user accounts remotely using KeeperPAM
• Windows User: Rotating Windows User Accounts on Local Network
• Linux User: Rotating Linux User Accounts on Local Network
• macOS User: Rotating Local Mac User Accounts with Keeper Rotation
• Database: DB credential Rotation in the Local Environment
• Native MySQL: Rotating Local Network MySQL database accounts with Keeper Rotation
• Native MariaDB: Rotating Local Network MariaDB database accounts with Keeper Rotation
• Native PostgreSQL: Rotating Local Network PostgreSQL database accounts with Keeper Rotation
• Native MongoDB: Rotating Local Network MongoDB database accounts with Keeper Rotation
• Native MS SQL Server: Rotating Local Network Microsoft SQL Server database accounts with Keeper Rotation
• Native Oracle: Rotating Local Network Oracle database accounts with Keeper Rotation
• Azure: Password Rotation in the Azure Environment
• Azure AD Users: Rotating Azure AD Admin and User passwords with Keeper
• Azure VM User Accounts: Rotating local and remote user accounts on Azure Virtual Machines with Keeper
• Azure Managed Database: Rotate Azure Managed Database credentials with Keeper
• Azure SQL: Rotating Admin/Regular Azure SQL Database Users with Keeper
• Azure MySQL - Single or Flexible Database: Rotating Admin/Regular Azure MySQL Single or Flexible Database Users with Keeper
• Azure MariaDB Database: Rotating Admin/Regular Azure MariaDB Database Users with Keeper
• Azure PostgreSQL - Single or Flexible Database: Rotating Admin/Regular Azure PostgreSQL Single or Flexible Database Users with Keeper
• Azure Client Secret Rotation: Automatically rotate the secret of an Azure app using Keeper rotation
• AWS: Password Rotation in the AWS Environment
• IAM User Password: Rotating AWS IAM account passwords with Keeper
• Managed Microsoft AD User: Rotating AWS Managed Microsoft AD Service accounts with Keeper
• EC2 Virtual Machine User: Rotating AWS EC2 Virtual Machine accounts with Keeper
• IAM User Access Key: Automatically rotate AWS access keys using Keeper Secrets Manager rotations
• Managed Database: Rotating AWS RDS accounts with Keeper
• AWS RDS for MySQL: Rotating Admin/Regular AWS SQL Database Users with Keeper
• AWS RDS for SQL Server: Rotating Admin/Regular AWS SQL Server Database Users with Keeper
• AWS RDS for PostgreSQL: Rotating Admin/Regular AWS PostgreSQL Database Users with Keeper
• AWS RDS for MariaDB: Rotating Admin/Regular AWS MariaDB Database Users with Keeper
• AWS RDS for Oracle: Rotating Admin/Regular AWS Oracle Database Users with Keeper
• Google Cloud: Password Rotation in the GCP Environment
• GCP Principal User Password: Rotating Google Workspace user account passwords with Keeper
• Managed Microsoft AD User: Rotating Google Cloud Managed Microsoft AD Service accounts with Keeper
• Google Compute Virtual Machine User: Rotating Google Compute Virtual Machine accounts with Keeper
• Cloud SQL Database User: Rotating Google Cloud SQL Database user accounts with Keeper
• Cloud SQL for MySQL: Rotating Admin/Regular AWS SQL Database Users with Keeper
• Cloud SQL for SQL Server: Rotating Admin/Regular AWS SQL Server Database Users with Keeper
• Cloud SQL for PostgreSQL: Rotating Admin/Regular AWS PostgreSQL Database Users with Keeper
• Active Directory: Rotating Active Directory user accounts remotely using KeeperPAM
• SaaS Plugins: Automate password rotation for SaaS applications and custom integrations.
• SaaS Configuration Field Reference: Instructs for SaaS Configuration record setup based on target service
• SaaS Rotation via Commander: Performing SaaS Rotation using the Commander CLI
• Custom and Community Plugins: Developing a custom SaaS rotation plugin for the Keeper platform
• Service Management: Managing the credentials of Windows services and scheduled tasks
• Post-Rotation Scripts: Perform privileged automation tasks with Post-Rotation scripts and password rotation
• Rotation Rollback: Configure if the gateway rotation rollback behavior
• Inputs and Outputs: Description of the input parameters passed into PAM Scripts
• Attaching Scripts: Attaching post-rotation scripts to PAM resource records
• Code Examples: Examples of post-rotation scripts in KeeperPAM
• Example: Cisco IOS XE: Example post-rotation script for Cisco devices
• Connections: Instantly access your infrastructure with zero-trust security from your Keeper Vault
• Getting Started: Getting Started with configuring connections on your PAM Record types
• Session Protocols: Details on the available connection protocols in KeeperPAM for interactive privileged sessions
• SSH Connections: Keeper Connections - SSH Protocol
• RDP Connections: Keeper Connections - RDP Protocol
• MySQL Connections: Keeper Connections - MySQL Protocol
• MariaDB Connections: Keeper Connections - MariaDB Protocol
• SQL Server Connections: Keeper Connections - SQL Server Protocol
• PostgreSQL Connections: Keeper Connections - PostgreSQL Protocol
• Oracle Connections: Keeper Connections - Oracle Protocol
• VNC Connections: Keeper Connections - VNC Protocol
• Telnet Connections: Keeper Connections - Telnet Protocol
• Kubernetes: Keeper Connections - Kubernetes
• Authentication Methods: Different methods of authentication with Keeper Connections
• Connection Templates: Create Launch-ready connection templates
• Examples: Example connection records
• SSH Protocol - Linux Machine: Establish a connection to a Linux Machine directly from your Vault
• RDP Protocol - Azure Virtual Machine: Establish a connection to an Azure Virtual Machine directly from your Vault
• MySQL Protocol - MySQL Database: Establish a connection to a MySQL Database directly from your Vault
• PostgreSQL Protocol - PostgreSQL Database: Establish a connection to a PostgreSQL Database directly from your Vault
• Just-In-Time Access (JIT): KeeperPAM Just-In-Time Access and Zero Standing Privilege
• Workflow: Configure approval workflows to control how privileged access is requested, approved, and used.
• Ephemeral Accounts and Privilege Elevation: Configure temporary accounts and elevated permissions for zero standing privilege access.
• Time-Limited Access with Automated Credential Rotation: Grant time-bounded access to resources with credentials that are automatically rotated when access expires.
• Elevated Access on Endpoints: Control privilege elevation on end-user devices with Keeper Privilege Manager.
• Tunnels: Create a secure and encrypted TCP/IP connection to your target endpoint from your Vault
• Remote Browser Isolation: Securely access web-based applications through a rendered, isolated browser experience
• Setting up RBI: Setting up RBI in your Desktop Vault
• URL Patterns & Resource URL Patterns: Allowed URLs and Resources in the Remote Browser Isolation session
• Browser Autofill: Autofill credentials into Remote Browser Isolation sessions
• Session Recording & Playback: Graphical and Text Based Session Recordings
• SSH Agent: Streamline SSH access to your managed infrastructure with Keeper's built-in SSH agent
• Integration with Git: Keeper SSH Agent integration for Git Authentication and Commit Signing
• Discovery: Discover machines, databases, accounts and services across your on-prem and cloud infrastructure
• Discovery Basics: Setting up KeeperPAM for Discovery
• Discovery using Commander: Performing resource discovery through Keeper Commander CLI
• Discovery using the Vault: Running Discovery using the Keeper Vault user interface
• Discovery Rules Engine: This enables scalable automation, so admins don’t have to manually review large discovery results.
• Universal Secrets Sync: Synchronize Shared Secrets to Cloud Secret Management Services
• Universal Secrets Sync Basics: Setting up KeeperPAM for Universal Secrets Sync
• Universal Secrets Sync using Commander: Performing USS through Keeper Commander CLI
• Universal Secrets Sync using the Vault: Running USS using the Keeper Vault user interface
• KeeperAI: AI-powered threat detection for KeeperPAM privileged sessions
• KeeperDB: Passwordless zero-trust database access, monitoring, and AI-assisted administration with KeeperDB
• Integration with KeeperPAM: Step by step instructions for integrating KeeperDB with KeeperPAM
• Integration with Secrets Manager: Step by step instructions for integrating KeeperDB with Keeper Secrets Manager
• KeeperDB Proxy: Passwordless zero-trust database access through Keeper tunnels using any native tools
• On-Prem Connection Manager: Manage a self-hosted version of Keeper Connection Manager
• References
• Deploying KeeperPAM in Air-Gapped Environments
• Port Mapping: Defining alternative ports in PAM Configurations
• Setting up SSH: Example guide for setting up SSH on target machines
• Setting up WinRM: Example guide for setting up WinRM on target machines
• Gateway Network Configuration
• Setting up SQL Server: Allowing the Keeper Gateway to access Microsoft SQL Server on port 1433
• Database Import and Export: Data can be imported to a DB connection from a file on your machine, or exported and downloaded to you machine.
• Installing sqlcmd on Linux: Installing sqlcmd for accessing SQL Server from a Linux machine
• Installing Docker on Linux: Quick setup instructions for Docker on Linux environments
• Creating KSM App for Rotation: Steps to create a Keeper Secrets Manager application for rotation of passwords
• Active Directory Least Privilege: Granting a service account the minimum permissions to rotate
• Event Reporting: Keeper rotation event reporting in the Advanced Reporting & Alerts module
• Importing PAM Resources: How to bulk import KeeperPAM resources
• Using a CSV Template: Use our script to convert a CSV template to a JSON file for PAM Project commands
• Adding PAM Resources to an Existing Model: Add Content to an Existing PAM Setup instead of creating a New Model
• Import Connections from KCM: Import KCM Connections and Connection Groups into an existing PAM Project.
• Managing Rotation via CLI: Managing rotation settings on individual and bulk records using Keeper Commander
• ITSM Integration: Integrating KeeperPAM with ITSM platforms such as ServiceNow
• Vendor Privileged Access Management: How KeeperPAM provides Vendor Privileged Access (VPAM)
• Commander SDK: Managing rotation with the Commander CLI / SDK interface
• Cron Spec: Automated password rotation using Cron Specification
• Preview Access: How to access the Preview version of KeeperPAM
• Overview: Endpoint Privilege Manager is a Privileged Elevation and Delegation Management (PEDM) solution
• Getting Started: Installation and setup of Privileged Elevation and Delegation Management (PEDM)
• Create Approvers, Collections, & Policies: This section covers how to set up approvers, collections, and policies so you can control who can approve requests and how policies apply to users, machines, and applications.
• Deployment Packages, the Agent, & Requests
• Reference Targeting
• Policies
• Jobs & Applications
• Plugins & Settings
• Security
• Deployment: Deploying the Keeper Agent to your endpoints
• Deploy with Windows: Deploying Keeper EPM on Windows
• Deploy with macOS: Deploying Keeper EPM on macOS
• Deploy with Linux: Deploying Keeper EPM on Linux
• Collections: Managing groups of protected resources for Endpoint Privilege Manager
• Policy: Applying least privilege policies to your users and machines
• Policy: Controls
• Policy: Status
• Policy: Path Variables & Protected Paths
• Policy: Wildcards
• Policy: Types
• Agentic AI Governance
• Command Line: Understanding the Keeper command-line policy setup and usage
• Emergency Access
• File Access: File access policy management
• File Access Redirect
• Keeper Updates
• Least Privilege: Understanding the Keeper least privilege policy setup and usage
• Privilege Elevation: Understanding the Keeper Privilege Elevation policy setup and usage
• Advanced Policy Types
• Custom
• HTTP Access
• Update Jobs
• Update Settings
• Policy: Phased Rollout Planning
• Policy: Examples
• Enable and Start the Watchdog Service: Example policy for configuring the watchdog service
• Allowing Silent Elevation for .msi Automated Installer Processes: Example policy for .msi automated installer processes
• Global Allow File Access with Require Approval: Example policy for global file access allow
• Global Deny File Access: Example policy for global file access deny
• Global Privilege Elevation Justification Policy for Specific Application(s): Example policy for global privilege elevation on application collections
• Living off the Land File Access Justification: Example policy for "Living Off the Land" (LOTL) scenarios
• Advanced Examples: Advanced examples of policy controls including jobs and settings
• Create, Modify, or Delete Job: Advanced configuration of KEPM Jobs
• Policy-Based Agent Settings Control: Advanced configuration of KEPM Agent Settings
• Using PowerShell Jobs as Custom Policy Filters: Advanced configuration of KEPM to run custom PowerShell during policy evaluation
• Policy-Based File Execution Redirection: Advanced configuration of KEPM elevations using a File Redirect
• Variables & Wildcards: Advanced configuration variables and wildcards for use in KEPM policies
• Managing Requests: Day to day management of Keeper Privilege Manager elevation requests
• Integrations
• Overview
• AI Trainer
• Custom Job Guide
• Custom Plugin Guide
• HTTP Reference Guide
• Examples
• Job: Minimal Linux
• Job: Minimal macOS
• Job: Minimal Windows
• Job: Schedule & Startup
• Job: Schedule Only
• Job: with Event Topic
• Plugin: Minimal Linux
• Plugin: Minimal macOS
• Plugin: Minimal Windows
• Plugin: Command Response MQTT
• Plugin: Manual Start
• Plugin: Install Launcher
• Plugin: Redirect Evaluator
• User Guides
• Airgapped Support
• Backup & Restore
• Configuring the Approval Duration
• Crowdstrike Running Job: Ensure CrowdStrike Falcon Is Running — Job Deployed via Policy
• Enable File Inventory
• macOS: Keeper Trash
• Reading Logs
• Risk Assessment Administration
• Security Hardening
• Troubleshooting
• Windows Defender Running Job: Ensure Windows Defender Is Running — Job Deployed via Policy
• Reference
• Architecture: Endpoint Privilege Manager Architecture Best Practices
• Default Jobs: Default Jobs Deployed with Keeper Privilege Manager
• Job: Definition & Format
• Job: Run Guide KeeperAdminCLI
• Job & Plugin: MQTT Topic Permissions
• Job & Plugin: Registration
• Job & Plugin: Settings Keys
• Local Endpoints
• Localization Service
• macOS Protected Path Design Intent
• macOS: System Extension Configuration
• macOS Two-Layer Bypass Architecture
• Plugin & Task: Settings
• Policy JSON & Extension
• Redirect Capability
• Signed Certificate Support
• Technical Architecture
• Timers & Intervals
• FAQs: Frequently Asked Questions regarding Keeper Endpoint Privilege Manager
• Secrets Manager Overview: Overview of Keeper Secrets Manager (KSM) for IT Admins, DevOps & Developers
• Quick Start Guide: This quick start guide will get you set up with Keeper Secrets Manager
• About KSM: Select a section to learn more about Keeper Secrets Manager
• Architecture: Secrets Manager High Level Architecture
• Terminology: Common terminology that will be referenced throughout this documentation
• Security & Encryption Model: Keeper Secret Manager Security and Encryption Model
• One Time Access Token: Information about the One Time Access Token used to connect client devices to Keeper
• Secrets Manager Configuration: Information about Keeper Secrets Manager configuration files
• Sharing Secrets Manager Applications: Sharing KSM Applications with users
• Keeper Notation: Query format used for getting fields of a secret
• Event Reporting: Integration with the Keeper Advanced Reporting & Alerts Module
• Field/Record Types: A reference of field and record types available to secrets manager.
• Secrets Manager CLI: The Secrets Manager CLI provides shell access to vault secrets
• Profile Command: Setup and initialization of the Keeper Secrets Manager device profile
• Init Command: Initialize a device to interact with the Secrets Manager API
• Secret Command: Manage secrets and file attachments from the Keeper Vault
• Folder Command: Manage folders from the Keeper Vault shared to KSM Applications
• Sync Command: Synchronizes selected keys from Keeper Vault to an external secrets manager
• Exec Command: Execute arbitrary system calls and replaces templated environment variables with Keeper vault secrets
• Config Command: Configure the local Secrets Manager CLI environment
• Version Command: Display Keeper Secrets Manager CLI version information
• Interpolate Command: Replace Keeper notation in template files with actual secret values from your Keeper vault.
• Misc Commands: Use the Keeper Commander CLI for hundreds of Vault and Admin Console commands
• Docker Container: Run the CLI using a Docker conta

… [truncated — open the raw llms.txt above for the full file]