Menu

How Do I Enable SSO/SAML for Google Suite (Google Apps)?

Avatar
Katie Brennan
Updated
Follow

How to Setup Google Apps SAML Connector to KnowBe4 for SSO

 

1. Login to https://admin.google.com and select Apps.

 

 

2. Select SAML apps, and then New App (Plus Button in lower right corner).

 

 

3. Scroll through the list until you find KnowBe4, and select.

 

 

4. Download the IDP metadata file. You'll need information from it later. Click Next.

   

 

5. The Application Name, Description, and app-id will be displayed, click Next.

 

6. Fill out the fields with the appropriate information specified below. Enable Signed Response by selecting the checkbox then click Next.

 

  • ACS URL:
    You can obtain this under your KnowBe4 account settings:
    • Log in to your KnowBe4 admin account.
    • Click your email address on the top-right, then click Account Settings.
    • Scroll to the SAML section of your settings and copy the Callback Link.
      • Example: https://training.knowbe4.com/auth/saml/xxxxxxxxxxxx/callback

  • Entity ID: KnowBe4

  • Start URL:
    You can obtain this under your KnowBe4 account settings:
    • Log in to your KnowBe4 admin account.
    • Click your email address on the top-right, then click Account Settings.
    • Scroll to the SAML section of your settings and copy the Sign in URL.
      • Example: https://training.knowbe4.com/auth/saml/xxxxxxxxxxxx

  • Signed Response: ENABLE

  • Name ID: Basic Information – Primary Email
  • Name ID Format: EMAIL

 

  

 

7. Add the following Attribute Mapping, then click FINISH:

            name_id  |  Basic Information  |  Primary Email

 

9. Turn SAML App ON for everyone or for some organizations.

 

 

10. Confirm that you'd like to turn on the SAML App (Note: Google states that this may take up to 24 hours to propagate to all users).

 

11. Notify KnowBe4 that you'd like to set up SSO on your account by opening up a new support ticket. Provide the following information in the support ticket (you can find this information on the IDP metadata file you downloaded in Step 4):

1. The SHA1 fingerprint 

    • Example:A1:2B:C3:D4:E6:F7:88:GG:H9:76:4A:2D:CF:AB:A6:A0:20:88:00

2. The SSO URL

 

Still need assistance? Contact support.

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Related articles