<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1098061211415180&amp;ev=PageView&amp;noscript=1">
Skip to content
English
Log a support ticket Sign in
Go to knowby.co
  • There are no suggestions because the search field is empty.

Enabling Single Sign-On (SSO) for Knowby with Google Workspace

This guide outlines the steps to enable SSO for your organisation using Google Workspace. Depending on your organisation's security configuration, you will follow one of two paths: Standard User Consent or Admin-Managed Trust.

Scenario 1: Standard User Consent

Suitable for: Organisations that allow employees to authorise third-party applications from verified developers independently.

  1. Start the Login: Navigate to the Knowby sign-in page and select "Sign in with Google".

  2. Authenticate: Choose your company Google account and enter your credentials.

  3. Review the Consent Screen: Because Knowby is a Verified Developer, you will see the Knowby logo and verified branding on the "Sign in with Google" prompt.



  4. Allow: Review the requested permissions (e.g., "See your primary Google Account email address"). Click Continue.

  5. Success: You are now logged in. Knowby will remember your choice for future sessions.

 

Scenario 2: Admin-Managed Trust (High Security)

Suitable for: Environments where user consent is disabled or for IT Admins who want to authorise Knowby for the entire organisation at once.

Option A: The "Trusting the App" Workflow (App Access Control)

If users see an "Access Blocked" error, an IT Admin must manually trust Knowby's Client ID.

  1. Admin Console: Log in to the Google Admin Console.

  2. Navigate to API Controls: Go to Security > Access and data control > API controls.

  3. Manage Third-Party App Access: Click Manage App Access.

  4. Configure New App: Click Configure new app.

  5. Search & Trust: Enter the Knowby Client ID and click Search:

    Knowby Client ID: 571132428963-02vkd15tic6gbrpl501ft1vdol3k2d2f.apps.googleusercontent.com


  6. Set Access: Click on the Knowby Pro app.

  7. Set the scope to the desired organisational units then click Continue.
  8. Choose Trusted then click Continue:
  9. Review the configuration, then click Finish.

Option B: Proactive Domain-Wide Delegation (Zero-Touch)

Admins can bypass the consent screen entirely for all users by "delegating authority".

  1. Manage Delegation: In the Google Admin Console, go to Security > Access and data control > API controls

  2. Click Manage Domain Wide Delegation.

  3. Add New Client: Click Add new 

  4. Then paste the Knowby Client ID provided below.

    Knowby Client ID: 571132428963-02vkd15tic6gbrpl501ft1vdol3k2d2f.apps.googleusercontent.com

  5. Enter Scopes: In the OAuth Scopes field, enter the following:

    openid

    https://www.googleapis.com/auth/userinfo.email

    https://www.googleapis.com/auth/userinfo.profile


  6. Authorise: Click Authorise. All users in your domain can now log in instantly without a consent prompt.

 

Security Note for Admins

Knowby utilises Google's standard OAuth 2.0 protocol. By trusting the Client ID or using Domain-Wide Delegation, you maintain central control over application access while removing sign-in friction for your team.