DUO Setup Instructions & FAQ (SSO/SAML)

Set up one-click Knoetic access through Duo!

Your IT team will be required to assist with this configuration.

The following article will outline:

  • How to configure your Duo & Knoetic SAML connection
  • How to create a Bookmark Tile to provide one-click access to our URL

Step-by-Step Setup Instructions

In your Duo Admin Panel account, navigate to Applications.

  1. Click Protect an Application and locate the entry for Generic Service Provider with a protection type of "2FA with SSO hosted by Duo (Single Sign-On)" in the applications list. Click Protect to the far-right to start configuring Generic Service Provider. 
  2. From the Metadata section, download the Certificate and SAML Metadata XML file, and send both to security@knoetic.com. The two files are required to finalize your SSO Setup on our end!

  1. On the Service Provider section, enter the following details:

Entity ID

urn:auth0:knoetic:<company identifier>-duo

Assertion Consumer Service URL

https://login.knoetic.com/login/callback?connection=<company identifier>-duo

Single Logout URL

leave_empty

Service Provider Login URL

leave_empty

* Important: Instead of the <company identifier> text included in the settings above, you should use your company’s custom identifier provided to you by Knoetic.You should replace <company identifier> with your own identifier provider by Knoetic. If for example your identifier was demo, the resulting URLs would follow this pattern: 

https://login.knoetic.com/login/callback?connection=demo-duo

Continue to the next page…

  1. On the SAML Response section, select the following options:

  1. In the Settings section, assign the Name “Knoetic People Analytics” to your application
  2. Hit Save.

All done! Your Duo/Knoetic integration has been set up. Please forward the downloaded metadata to security@knoetic.com and allow us a few days to set things up for you!

Create a Bookmark Tile for Knoetic

We do not currently support IdP-initiated logins, so the default Duo tile created when you add the SAML application will result in an error when used.

Here is a suggested alternative:

  1. Create a Bookmark Tile that directs users to our Knoetic login page
    1. Our login page: https://app.knoetic.com/login
  2. You could also consider using your Knoetic-specific organization login line to skip our login page and take users directly to the platform

Questions?

Email success@knoetic.com to reach out Customer Success & Security team.

Additional Duo FAQs

For further instructions relating to DUO available options, more can be found here:

Duo Single Sign-On for Generic SAML Service Providers 


How did we do?


Powered by HelpDocs (opens in a new tab)