Setting up a Self-Hosted Enpass Hub and integrating with the Admin Console

Enpass Hub is a supplementary server that enables the following additional features for Enpass Business with self-hosting options particularly suited for large enterprises:

Security Audit Dashboard for organization-wide password health & overall security score
Access recovery (if a user loses their Master Password)
Enhanced, simplified vault sharing (without having to provide vault passwords)

Your IT department can set up your Hub as a local server (in which case no Hub data leaves your infrastructure), or your Hub can be securely host on Enpass severs. The Enpass Hub does not host your organization’s password vaults — only encrypted vault keys and metadata that enables these additional features — so either way, your passwords and other sensitive information never leave your trusted cloud or local storage.

The steps below are for an IT Team setting up Enpass Hub on a local Linux server. If you're planning to have Enpass host your Hub, see Setting up an Enpass Hub hosted by Enpass.

Step 1: Set up a Linux server as your Enpass Hub

For Enpass Hub to be deployed, first the server must be configured, including installing and configuring Docker, configuring an .env file, and configuring SSL, among several other steps.
Instructions for Setting up a Linux server to be your Enpass Hub

Step 2: Create Server Admin for Enpass Hub

Having successfully deployed the Enpass Hub server, the next step is to create an administrator for the server, to access, manage, and configure your deployment.
Instructions for Creating a Server Administrator for your Enpass Hub

Step 3: Create an Organization Connector

After creating the server administrator, create secure channels for your Hub to connect with your Enpass Admin Console and with your team’s Enpass apps by creating an Organization Connector on the Hub server.
Instructions for creating an Organization Connector for your Enpass Hub

Step 4: Integrate Enpass Hub

Having configured and deployed the Enpass Hub server, you can now integrate your Hub with your Enpass Admin Console, providing access to the Enpass features enabled by the Hub.
Instructions for integrating the Enpass Hub with your Enpass Admin Console

Step 5: Enable Security Audit and Secure Vault Sharing

It’s time to start turning on Hub-enabled features! Security Audit (insights into password health throughout your organization), and Secure Vault Sharing (securely share vaults with just a few clicks).
Instructions for enabling Security Audit and Secure Vault Sharing

Step 6: Authenticating your Enpass app with the Enpass Hub

Now that the Hub and Admin Console are working together, you need to authenticate your own Enpass app with the Hub before completing this last two steps.
Instructions for authenticating your Enpass app with the Enpass Hub

Step 7: Set up Access Recovery

Access Recovery enables teammates who have lost their Master Passwords to request a password reset to retain access to their vaults.
Instructions for enabling Access Recovery in the Enpass Admin Console

Step 8: Authorize additional Recovery Admins

This is the last step! But it's an important one: If your organization has only one Recovery Admin, and they become unavailable or lose access (forgets their password, exits your organization), it will become impossible to manage Access Recovery for your employees.
Instructions for adding Recovery Admins in the Enpass Admin Console