Keeper Security Configuration

Configure IdP & SP

Keeper Security is integrated with Ironchip via SAML protocol. In order to do this integration, both parties, i.e. Keeper security and Ironchip must have their SAML parameters configured, in this case Ironchip will work as a Identity Provider and Keeper Security will be constituted as a service provider.

To begin with the integration, proceed to create a new SAML service in the Ironchip Dashboard, look for the application section in the left menu and create a new custom application of type SAML giving it a descriptive name.


To obtain SP Metadata file, locate your SSO Connect Cloud Provisioning method within the Keeper Admin Console, and select View. From there you have access to download the Keeper metadata. file.


Upload metadata file to a public Internet direction and provide the URL by adding it to the Metadata URL field in the Add new service dialog.

Then, download the metadata file by clicking on the lower left button of the dialog.


When you have downloaded the Ironchip IdP metadata file, head back to the Keeper Admin console, locate your SSO Connect Cloud Provisioning method and select Edit.


Scroll down to the Identity Provider section, set IDP Type to GENERIC, select Browse Files and select the Metadata file you downloaded.


Users attributes

Keeper requires that you map specific User Attributes to be sent during authentication. Default Keeper SSO Connect Cloud User Attributes are Email, First and Last, but with Ironchip you only need the user’s Email with this attribute urn:oid:0.9.2342.19200300.100.1.3