<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1098061211415180&amp;ev=PageView&amp;noscript=1">
Skip to content
  • There are no suggestions because the search field is empty.

Enabling Single Sign-On (SSO) for Knowby via Generic OpenID Connect (OIDC)

This guide is for organisations that use a custom or generic OIDC-compliant Identity Provider (IdP), such as Okta, Auth0, PingFederate, or Keycloak. By following these steps, you will create a secure connection that allows your team to log in to Knowby using their existing company credentials.

Step 1: Register Knowby in your Identity Provider

Log in to your Identity Provider’s admin console and register Knowby as a new Web Application. Use the following settings during registration:

  • Application Type: Web Application.

  • Grant Type: Authorisation Code (standard for OIDC).

  • Sign-in Redirect URIs: You must add both of the following authorised callbacks to your configuration:

    • https://auth.knowby.one/__/auth/handler

    • https://knowby-pro.firebaseapp.com/__/auth/handler

  • Scopes: Ensure the application is authorised to request the following standard scopes:

    • openid (Required for authentication).

    • profile (To display the user's name).

    • email (To identify the user).


Step 2: Collect your Integration Details

After registering the app, you will need to retrieve the following technical values to provide to the Knowby team:

Technical Field Description Example
Issuer URL The unique "home" URL of your Identity Provider. https://sso.yourcompany.com
Discovery URL The metadata endpoint (usually the Issuer URL + /.well-known/openid-configuration). https://sso.yourcompany.com/.well-known/openid-configuration
Client ID The unique public identifier for Knowby in your system. 0oa1abc2def3ghi4j5k6
Client Secret The secure key used to verify the connection. ABCD-1234-EFGH-5678

Step 3: Submit your Integration Request

To complete your setup, please provide the details gathered in Step 2 through our secure SSO onboarding form.

[Open Secure SSO Onboarding Form]

Note: For security reasons, please do not send Client Secrets via standard email. Use the secure form above, which will automatically raise a setup ticket with our engineering team.


Technical Note for Admins

Knowby utilises the standard OpenID Connect Discovery protocol. If your IdP supports it, providing just the Discovery URL allows our system to automatically fetch your authorisation, token, and userinfo endpoints, reducing the risk of manual entry errors.