Below are the instructions for configuring single sign-on with SecureAuth. If you run into issues enabling SAML through SecureAuth, we recommend reaching out to SecureAuth for specific instructions. You can also contact our support team whenever you need assistance.

1. Log in to your KnowBe4 account and click your email address in the top right corner.
2. From the drop-down menu, select Account Settings.
3. Navigate to the SAML section and expand the SAML Settings tab.
4. Copy your unique SSO Callback (ACS) URL.
5. In a new tab or window, open the SecureAuth Admin Console and navigate to the Post Auth tab within your KnowBe4 realm.
   Note: For more information on creating your KnowBe4 realm, see SecureAuth's Work with SecureAuth IdP realms article.
6. Paste your SSO Callback (ACS) URL that you copied in Step 4 into the Assertion Consumer Service field of our Post Auth tab.
7. Return to your KnowBe4 account settings and copy your SSO Sign-in URL.
8. In your SecureAuth Post Auth tab, paste your SSO Sign-in URL in the SP Stat field.
9. Then, scroll down to the Domain section and enter your identity service provider’s URL. For example, https://secureauth.example.com.
10. Click Metadata File: Download. You will need the information in this file to complete your SAML setup through the KnowBe4 console. Follow the instructions in our Set Up SAML Single Sign-on (SSO) for the Security Awareness Training Console article to finish setting up SAML.
    Note: Make sure the email address that your users use to authenticate with SAML is either entered into the Email or Email Aliases field of their User Profile. However, only the email address listed in the Email field will receive training notification emails. For more information about adding information to user profiles, see our User Profile Guide.