Configuring SSO with Azure Active Directory (AD)?
The below steps will allow you configure single sign-on with your Azure Active Directory. This will allow you to enable your users to automatically sign-in to KnowBe4 for their security awareness training. You'll also be able to control in your Active Directory who has access to KnowBe4.
You'll need an Azure AD subscription to follow the steps below. Note that these screenshots represent the classic Azure portal view.
First, add KnowBe4 from the gallery.
To add KnowBe4 from the gallery, first login via the classic portal at https://manage.windowsazure.com then complete the following steps:
- Under All Items, select your domain.
- Click on APPLICATIONS.
- Click + ADD on the bottom toolbar.
- Click Add an application from the gallery.
- Search for KnowBe4.
- Enter a DISPLAY NAME for the app (such as KnowBe4).
- Click the checkmark icon at the bottom-right.
Then, configure Azure AD Single Sign-On.
To configure Azure AD single sign-on with KnowBe4, complete the following steps:
- On the KnowBe4 application integration page in the Azure classic portal, click Configure single sign-on to open the Configure Single Sign-on dialog.
- On the "How would you like users to sign on to KnowBe4?" page, select Microsoft Azure AD Single Sign-On, and then click the arrow to move on to the next step.
- Next, obtain your unique SSO Sign In URL by completing the following steps:
- Log into your KnowBe4 admin account.
- Click your email address on the top-right and click Account Settings.
- Scroll down to the SAML section and obtain your unique SSO Sign In URL.
- Once you obtain the SSO Sign In URL for your account, complete the following steps on the Configure App Settings page:
- In the SIGN ON URL text box, enter the URL you obtained in step 3 above. Example: https://training.knowbe4.com/auth/saml/xxxxxxxxxxxx
- In the IDENTIFIER text box, enter: KnowBe4 (Note: this is case-sensitive)
- Click the arrow to move on to the next step.
- On the "Configure single sign-on at KnowBe4" page, obtain the below information:
- Thumbprint from the certificate
- SINGLE SIGN-ON SERVICE URL
- To get SSO configured for your application, you need to paste the information you copied in step 5 to a new KnowBe4 support ticket. Your ticket should include a note that you'd like to enable SSO on your account, and provide the Thumbprint and the Single Sign-On Service URL to the KnowBe4 team.
- Click the checkbox to confirm you've configured single sign-on, and then click the arrow to move on to the next page.
- Click Complete.
- KnowBe4 will respond to your support ticket as soon as SSO is enabled on your account.
Assign users to KnowBe4.
To add users to KnowBe4, complete the following steps:
- Assign access to this application for users or groups
Still need assistance? Submit a support ticket.