Introduction

Overview

Single sign-on (SSO) services enable you to manage your team’s identity across all your SaaS products.

With an SSO service, a user can access multiple applications using one set of credentials (for example, an email address and password). The SSO service authenticates the user once for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session.

An example of SSO is Google's sign-in implementation for products like Gmail, YouTube, and Google Drive. Any user signed in to one of Google's products is also automatically signed in to their other products.

SSO with Knot

The identity provider (IdP) must support the SAML 2.0 standard. Today, Okta is the only supported IdP.

SSO setup for SAML 2.0 compliant IdPs

Most SAML 2.0 compliant identity providers require the same information about the service provider for setup - Knot being the service provider in this case.

While configuring your IdP, make sure to set your user's email address in SAML attributes and claims. Knot expects to receive an email address from your IdP to identify the user. Even if you configure SSO, email/password and Google oAuth 2.0 authentication methods remain enabled for your team.