LogoLogo
Get Demo
  • 💫NEXT-GENERATION PRODUCT
    • Introduction
    • Getting Started
      • 1. Invite System Users
      • 2. Add Target Users
        • Add Users via CSV
        • Add users via SCIM
          • SCIM Setup in Azure AD
          • SCIM Setup in Okta
          • SCIM Setup in Onelogin
          • SCIM Setup in Jumpcloud
        • Add users via LDAP
        • Add Users via API
      • 3. Email Deliverability
        • Microsoft 365
          • M365: Direct Email Creation
          • M365: Whitelisting
        • Google Workspace
          • Google: Direct Email Creation
          • Google: Whitelisting
        • Exchange 2013 and 2016
      • 4. Track Opened Emails
      • 5. Allow Phishing URLs
        • Whitelist for Office 365
        • Whitelist for Google Workspace
        • Whitelist for Exchange 2013/2016
        • Whitelist in Security Solutions
      • 6. Setup Phishing Reporter
        • Step 1. Download Phishing Reporter
        • Step 2. Deploy Phishing Reporter
          • How to Deploy Add-In in Microsoft 365
          • How to Deploy Add-In in Exchange Admin Center
          • How to Deploy Add-In in Google Workspace
          • How to Deploy Add-In in Outlook
            • Troubleshooting Phishing Reporter Add-In on Outlook Desktop
      • 7. Incident Responder Setup
        • Step 1. Integrate Threat Intel Partners
        • Step 2. Mail Configurations
          • Microsoft 365
          • Google Workspace (Gsuite)
          • Exchange (EWS)
    • Platform
      • Dashboard
        • Dashboard Widgets
        • Incident Responder Widgets
        • Threat Sharing Widgets
        • Phishing Simulator Widgets
      • Threat Intelligence
      • Email Threat Simulator
        • Start Scan
        • View Scan Report
        • Create Trusted Account on Exchange
        • Start Scan on O365 Email Account
        • Start Scan on Google Workspace Email Account
      • Threat Sharing
        • Communities
        • Incidents
      • Phishing Simulator
        • Manage Phishing Scenarios
          • Phishing Scenarios
          • Email Templates
          • Landing Pages
        • Phishing Campaign Manager
        • Phishing Campaign Reports
        • Settings
          • DNS Services and Domains
          • Exclude IP Address
      • Callback Simulator
        • Manage Callback Scenarios
          • Callback Scenarios
          • Callback Email Templates
          • Callback Templates
        • Callback Campaign Manager
        • Callback Campaign Reports
        • Settings
          • Callback Phone Numbers
      • Vishing Simulator
        • Vishing Templates
        • Vishing Campaign Manager
        • Vishing Campaign Reports
      • Smishing Simulator
        • Manage Smishing Scenarios
          • Smishing Scenarios
          • Text Message Templates
          • Landing Page Templates
        • Smishing Campaign Manager
        • Smishing Campaign Reports
        • Settings
          • Manage DNS and Domains
          • Exclude IP Addresses
      • Quishing Simulator
        • Manage Quishing Scenarios
          • Quishing Scenarios
          • Quishing Templates
          • Quishing Landing Page Templates
        • Quishing Campaign Manager
        • Quishing Campaign Reports
        • Settings
          • DNS and Domains
          • Excluding IP Address
      • Awareness Educator
        • Training Library
        • Enrollments
        • Certificates
        • Training Reports
        • Training Completion Queries
      • Incident Responder
        • Incident Responder Dashboard
        • Investigations
        • Integrations
        • Playbook
        • Mail Configurations
          • Microsoft 365
          • Exchange
          • Google Workspace
        • Cross Company Integration
      • Phishing Reporter
        • Phishing Reporter Customization
        • Phishing Reporter Deployment
          • How to Deploy the Add-in in Microsoft 365
          • Phishing Reporter Page View Failure Due to Deprecated Exchange Online Tokens
          • Microsoft Ribbon Phishing Reporter
          • How to Deploy the Add-in in Exchange Admin Center
          • How to Deploy the Add-in in Google Workspace
          • Phishing Reporter Announcement Email Template
        • Diagnostic Tool
        • Integrating Microsoft Phishing Reporting Button with Keepnet
        • Troubleshooting Phishing Reporter on Outlook Desktop
      • Reports
        • Advanced Reports
        • Executive Reports
        • Scheduled Reports
        • Gamification Report
      • Company
        • Target Users
        • Companies
          • Company Groups
        • Company Settings
          • Privacy
            • Account Privacy
            • Data Privacy
          • AI Ally Settings
          • SMTP Settings
          • Direct Email Creation
            • Direct Email Creation for Google Workspace
            • Direct Email Creation for Microsoft 365
          • Notification Templates
          • Google User Provisioning
          • REST API
          • White Labeling
          • Proxy Settings
          • SAML Settings
            • How to Configure SAML on ADFS
            • How to Configure SAML on Google Workspace
            • How to Configure SAML on Azure AD
            • How to Configure SAML on CyberArk
            • How to Configure SAML on Okta
          • SCIM Settings
            • Getting Started with SCIM
            • Azure AD SCIM Integration
            • Okta SCIM Integration
            • Onelogin SCIM Integration
            • Jumpcloud SCIM Integration
          • SIEM Integrations
            • Splunk Integration
            • Syslog Integration
          • LDAP
          • Allowed Domains
        • System Users
          • People
          • Roles
        • Audit Log
        • Job Log
      • Free Phishing Email Analysis Service
    • Miscellaneous
      • Whitelisting
        • How to Whitelist an IP Address in Office 365
        • How to Whitelist an IP Address in Exchange 2013 and 2016
        • How to Whitelist an IP Address in Google Workspace
        • How to Whitelist in Mimecast
        • Whitelisting in Other Security Solutions
        • Whitelisting the Pictures on Microsoft Outlook Apps
        • Keepnet Tools Whitelisting Guidelines
        • Understanding Email Delivery Errors
        • Tracking Email Opens in Phishing Simulations
      • User Profile
      • Multi-Factor Authentication (MFA) Settings
      • On-Premise Requirement Checker
      • Platform Requirements
        • Portal UI Requirements
        • Phishing Reporter Requirements
        • Diagnostic Tool Requirements
      • Maintenance Tool
      • Understanding the Preferred Language Setting
  • 📚RESOURCES
    • Platform Security
    • Volume & Performance
    • Customer Help Desk
    • Product Update/Maintenance
    • Research Methodology
    • Release Notes
      • 2025
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
  • ⚖️Legal Hub
    • For Customers
      • Customer Terms of Service
      • Product Specific Terms
      • Jurisdiction Specific Terms
      • Data Processing Agreement
      • Regional Data Hosting Policy
      • Product and Services Catalog
      • Acceptable Use Policy
      • Keepnet Security Program
      • Microsoft CoPilot Usage Policy
    • For Everyone
      • Website
        • Terms of Use
        • Privacy Policy
        • Cookie Policy
      • Free Phishing Email Analysis
        • Terms of Service
        • Privacy Policy
      • Transparency Report
Powered by GitBook

Copyright © Keepnet Labs LTD. All rights reserved.

On this page
  • About SAML
  • How to Configure SAML
  • Configuration Details
  • SAML Configuration For Platform
  • SAML Configuration For Your Identity Provider
  • SAML Integration Documents
  • FAQ
  • Q: An admin can't login to platform over SAML and sees a "Your account not registered..." message.
  • Q: Does the platform still require MFA with SSO/SAML integration?

Was this helpful?

Export as PDF
  1. NEXT-GENERATION PRODUCT
  2. Platform
  3. Company
  4. Company Settings

SAML Settings

This document explains the functionality of the SAML feature as well as how to set up a SAML to log in to the platform without using email/password credentials.

About SAML

The platform supports single sign-on (SSO) authentication, which enables administrative users to log in to applications quickly and securely in a single session, without the need to use additional passwords.

How to Configure SAML

From the main menu, go to Company > Company Settings > SAML Settings and then click the + NEW button to create a new SAML configuration.

The details of the SAML configuration edit page are provided in the table below.

Configuration Details

SAML Name

Name of the SAML configuration

Allowed Domains

Domain names authorized for SSO use

SAML Configuration For Platform

The information that has been provided by the identity provider must be defined to the platform.

Upload Metadata

Metadata provided by the identity provider can be used to automatically complete required fields.

Issuer URL of the IdP

URL information that must be provided manually if not uploaded in the metadata file

IdP SSO URL

Authentication address that must be provided manually if not uploaded in the metadata file

Upload Certificate

Certificate to be used for authentication if not uploaded in the metadata file

IdP Certificate

If the certificate file for validation couldn’t be uploaded, the certificate can be written as text in this field.

SAML Configuration For Your Identity Provider

The information that has been provided by the platform must be defined to the identity provider.

Download Metadata

Metadata file containing all of the required information. The file can be used by the identity provider to get all required information automatically.

Idp Entity ID

If the identity provider doesn’t allow a metadata file to be uploaded, Idp Entity ID information can be defined from this field.

SSO Sign-in URL

If the authenticator service does not allow a metadata file to be uploaded, the SSO login page URL address information can be defined from this field.

Metadata URL

URL address of the metadata file containing all of the information required by the identity provider.

Bypass SSO Login URL

The URL address can be used to log in to the platform without SSO.

SAML Attributes Mapping

The attributes given in this field should be mapped on the identity provider and must be matched.

Default Role

Permission level of users who will log in to the system for the first time using SSO

Enable SAML SSO

The SAML setting can be inactivated if there is no more SSO use needed.

SAML Integration Documents

The SAML integration documents for most used identity providers are listed below to assist admins to set up SAML between their identity provider and platform successfully.

FAQ

Q: An admin can't login to platform over SAML and sees a "Your account not registered..." message.

A: The admin email address must be created in the platform under the Company > System Users page in order to log in to the platform over SAML authentication.

Q: Does the platform still require MFA with SSO/SAML integration?

A: No, MFA is only required for email and password logins. With SSO/SAML, all authentication, including MFA, is managed by the SSO provider.

PreviousProxy SettingsNextHow to Configure SAML on ADFS

Last updated 5 months ago

Was this helpful?

The privileges of the automatic account generated for admins who log in to the system using SSO can be defined in the Default Role field. The Custom Roles can be created to restrict the privileges, please see more .

💫
here
How to Configure SAML on ADFS
How to Configure SAML on Google Workspace
How to Configure SAML on Azure AD