Custom SAML SSO

Hi

I have setup SSO using Oauth2 for Knack on several occasions but today I have the requirement to use an Identity Provider that only offers SAML.

One of the fields needed in the Identity Provider setup is a Service provider identifier (Entity ID). I have tried many different options for this but nothing I try works.

Has anyone successfully configured this and knows what should be entered here. It seems it is out of scope for Knack support.

Thanks

The entity ID is needs to match what you put in the “Issuer” field in the Provider Settings of the Custom SSO set up page in Knack. I typically use the URL of the base app.

Hi Deanna

That is what is says in your documentation but it does not work like that. I have now discovered that I need to take the value from the xml download off of the Knack signin page as shown below…

It now works.

ds:KeyInfo

ds:X509Data
ds:X509CertificateMIIDBTCCAe2gAwIBAgIJAOuhZqxcvrLYMA0GCSqGSIb3DQEBCwUAMDgxNjA0BgNVBAMTLTc4RjlE MDAwLWVmYTliOGRhLTE3NjctNDBmZC04N2JlLWU4ZWFmMDE3MWJmZDAeFw0yNTAxMjUxNzUzMzFa Fw0zNTAxMjYxNzUzMzFaMDgxNjA0BgNVBAMTLTc4RjlEMDAwLWVmYTliOGRhLTE3NjctNDBmZC04 N2JlLWU4ZWFmMDE3MWJmZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWnWfyTLuZs cV9l4HP7mk5Bpkipx+bg37i2b0YXtCY7ItcUyancP2VJq6IXMqLGUtejEljgZampV8rv8lpGxxvV HIGHkGONeZO7YlQ/D8zu5t2bg/hiT3YlOq2Ts8q0LT+ZGDJu2q0UolbgDbBdG5XfKeXgCwo9ZHml Ddm+Q+y4qxWTEmQ3kays+kpt2mlxXTQFLQmzqhYL2iFDnD0U1xwmJx8k9wWBRXoNQmm4wOGMrabP KYsYBy+P+DS47yI2vX7TocmwR/SbYdKCQhEhPgCxdYwAGePTh2/i9n/p76QzDsi5bNIJaFH84Y8I yhGEz09ZvLY06S9/+Esk/piQWRkCAwEAAaMSMBAwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB CwUAA4IBAQA+1avhtazLDrv5zZZWy/urhiL1s4aHMnwMTGMv++5l8Cov7coI7yTg/s3qJsAoZHyq vzjPgOySjLHfNduvba/MYxk+twYXIigvOZihUJ9nodIzoelxqdIArvXrqF6MEPySW8SK7XgBK7Yu wcWWiAfyu3zzCdvNLM8mzllgS+rzlSGXoDnfx3RC6P8gaIuEwSRwk2vtQTRHfwjBSFrA2YJsK4AH jTfURnXQtl6yF8ucfWrtQ7naI98TlnYJak0DSiJZq4SVV7ZIua9s1tSsdniBrPiSttLlqWfjNtsW AE7wXcR6nEPXo1XcbJf9X7sIImpSiZe0QZMF2t895uHL6zJo </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress