Search

Personal Links

slack button (do not delete)

Google Workspace - SAML Tutorial

Google Workspace - SAML Tutorial

Google Workspace - SAML Tutorial

  1. Log in to the Knock Admin Dashboard as an admin. https://dashboard.knock-ai.com/settings/administration/security/sso-provider
  2. In a new tab, open the Google Admin Console: https://admin.google.com (admin account required).
  3. In Google Admin, go to Apps → Web and mobile apps.
  4. image
  5. Click Add app → Add custom SAML app.
  6. image

Create the Google Workspace SAML app (Google)

  1. In App details:
    • App name: Knock AI
    • Upload the Knock AI logo (download it from the Knock SSO setup page).
    • image
  2. In Google Identity Provider details, download the IdP metadata file (XML).
  3. image
  4. Back in the Knock SSO setup page, upload that IdP metadata XML into the Metadata field, then click Next.

Configure the service provider details (Google, using values from Knock)

  1. In Google Admin, continue to Service provider details.
  2. Copy these values from the Knock SSO setup page and paste them into the matching Google fields:
    • Knock ACS URL → Google ACS URL
    • Knock Entity ID → Google Entity ID
  3. In Google Admin, set:
    • Name ID format: EMAIL
    • Name ID: Basic Information → Primary email
    • image
  4. Click Continue.

Finish setup + test (Google + Knock)

  1. In Google Admin, for SAML attribute mapping, you can click Continue (unless you have custom attributes to map).
  2. After the app is created, under User access, click View details and choose which users / groups can access Knock AI.
  3. image
  4. In Knock, click Test Connection.
  5. Once the test succeeds, choose whether SSO is Required or Optional, then Activate the SSO integration.

✅ Done — Google Workspace SAML is now connected. Users can sign in using SSO (and email sign-in if you set SSO to Optional).

image