Single Sign On (SSO)

How to setup SSO in Knack for Microsoft Entra

Getting Started with SSO

  • Create a ServiceNow ticket with CTM to create a new Knack app if it does not exist in Entra yet

    • Include App Name, assign to ESA, and who should be added as a Configuration Owner. Owner permissions are required to setup SSO in Entra.

Example CTM Ticket to ESA team

Configure a New App

Configuring a new Knack App with certificates
  • Configure SSO on a Knack Login Page (home login page is great candidate)

    • All Certs are stored in 1Password

    • Once you complete the initial setup and download the metadata file, consult the Apps Team Wiki for documentation on how to setup an app, and SSO, in Microsoft Entra.

    • After completing setup in Microsoft Entra, you will grab the IP Cert from the metadata file from Entra, format it, replace the temporary IP cert in Knack, and save it to 1Password

After configuring SSO, make sure each login page (point of entry) in your Knack app is SSO enabled with the checkmark. Also make sure you have the JS/CSS code necessary to render the login buttons.

Enabling SSO in KnackCODE: Login Buttons/App Setup

Re-Configure all the Apps

Completed every 2 years in mid June.

Configuring new certificates for all Knack Apps - When certs expire!SSL Certificate Creation

Last updated

Was this helpful?