Okta - SAML Tutorial
- Log in to the Knock Admin Dashboard as an admin: https://dashboard.knock-ai.com/settings/administration/security/sso-provider
- In a new tab, open the Okta Admin Console.
- In Okta, go to Applications → Applications and click Create App Integration.
- Choose SAML 2.0.
Create the Okta SAML app (Okta)
- In General Settings:
- App name: Knock AI
- Upload the Knock AI logo (download it from the Knock SSO setup page).
- In Configure SAML in Okta, copy these values from the Knock SSO setup page and paste them into the matching Okta fields:
- Knock Single sign-on URL → Okta Single sign-on URL
- Knock Audience URI (SP Entity ID) → Okta Audience URI (SP Entity ID)
Then click Next → Finish.
Copy Okta IdP metadata into Knock (Knock)
- In Okta, open the newly created Knock AI app.
- Find the Identity Provider metadata section and copy the IdP metadata (use the metadata URL if Knock asks for a URL, otherwise copy the XML).
- Go back to the Knock SSO setup page and paste/provide the Okta IdP metadata in the Metadata field (URL or XML), then click Next.
Finish + test (Okta + Knock)
- In Knock, keep Map claims & Roles as-is (unless you have a specific mapping requirement), then click Next.
- In Okta, assign the Knock AI application to the users/groups that should have access.
- In Knock, click Test Connection.
- When the test succeeds, choose whether SSO is Required or Optional, then Activate the SSO integration.
✅ Done — users can now sign in using SSO (and email sign-in if you set SSO to Optional).