In the process of setting up SSO, we recommend that the User Administrator create an SSO Admin – a dedicated user who has permission to access the SSO configuration. SSO is never enabled for the SSO Admin so he can always sign in to the account with his Keepit credentials. This will ensure that the User Administrator and other users will not get locked out of their account in case SSO is configured incorrectly or an SSO certificate expires.

To create an SSO Admin:

1. Log in to Keepit as a User Administrator.
2. Click the burger icon in the upper-right corner, and select Users.

3. In the pop-up window, select Create user.
4. In the Role field, click the down arrow and select SSO Admin.
5. In the Name field, enter a name for the SSO Admin.
6. In the Login field, enter an email address.
7. In the Password field, enter a password.

Important: The SSO Admin should create a strong password and keep it in a safe and secure place.

8. Confirm the password.
9. Set the Expire time to Unlimited.
10. An SSO Admin is automatically assigned SSO permissions. No other permissions can be added.
11. Click Create user.

To see a step-by-step guide on configuring SSO in Keepit, see the article: How to configure SSO in Keepit