Configuring SAML for PortalGuard
The below steps will allow you to configure single sign-on (SSO) with PortalGuard. This will enable your users to automatically log in to the KMSAT console for their security awareness training.
Note: Make sure the email address that your users use to authenticate with SAML is either entered into the Email field or Email Aliases field of their user profile. However, only the email address listed in the Email field will receive training notification emails. For more information about adding information to user profiles, see our User Profile Guide.
To enable SAML/SSO on your account, please follow the instructions in our How to Set Up SAML Single Sign-on for the Security Awareness Training Platform article.
To configure SSO with PortalGuard, follow the steps below:
- On the General tab, enter the following information in the appropriate fields:
Identifiers KnowBe4 Binding POST Assertion Consumer URL
Enter your callback URL. To locate this URL, navigate to Account Settings > SAML in your KMSAT console.
- Click Save.
- Click the Identity Claims tab.
- On this tab, enter the following information in the appropriate fields:
Attribute Store PCIC AD (LDAP) Claims Name ID mail(0). Please note that this information should be entered in the Direct Field box.
- For the Name ID Claim Settings, create a new normal claim using Email-String: mail(0).
Don't select the Send as NameID check box for this new claim.