Ping - SAML Tutorial
- Log in to the Knock Admin Dashboard as an admin.
- Production: https://dashboard.knock-ai.com/settings/administration/security/sso-provider
- Staging: https://dashboard.stg.knock-ai.com/settings/administration/security/sso-provider
- In a new tab, open the PingOne Admin Console (admin account required).
- In PingOne, go to Applications → Applications.
- Click + (Add Application) to create a new application.
Create the Ping Identity SAML app (Ping)
- In App details:
- App name: Knock AI
- Upload the Knock AI logo (download it from the Knock SSO setup page).
- Under Application Type, choose SAML Application, then click Configure.
- When prompted for the SAML configuration, download the metadata XML from the Knock SSO setup page and upload it into Ping (Import Metadata), then save.
Copy Ping IdP metadata into Knock (Knock)
- Once the application is created, click Download Metadata in Ping.
- Go back to the Knock SSO setup page and upload that IdP metadata XML into the Metadata field, then click Next.
Finish + test (Ping + Knock)
- In Ping, on the Attribute Mapping tab, click Edit and set saml_subject to Email Address.
- In Ping, on the Access tab, click Edit and grant access to the users/groups that should have access to Knock AI.
- In Knock, click Test Connection.
- When the test succeeds, choose whether SSO is Required or Optional, then Activate the SSO integration.
✅ Done — Ping Identity SAML is now connected. Users can sign in using SSO (and email sign-in if you set SSO to Optional).