Step 2: Configure Azure AD settings

NOTE—If you enable Azure AD as a sign-in method, you cannot use Samsung Account to sign into Knox services.

In the top right corner of your Knox dashboard, click the avatar icon to access your account settings. Then, in the left sidebar, click ACTIVE DIRECTORY SSO SETTINGS. Note the below fields on the page, as you'll need them for your Azure AD configuration.

  • Identifier (entity ID): Enter in this field.
  • Reply URL (assertion consumer service URL)
  • App federation metadata URL

Open your Microsoft Azure portal and add the Samsung Knox and Business Services app:

  1. In the left navigation pane, select Azure Active Directory.
  2. Navigate to Enterprise Applications, then select New application.
  3. In the Add from the gallery section, enter Samsung Knox and Business Services in the search box.
  4. Select the Samsung Knox and Business Services app from the results and add it.

Next, follow the steps below to set up the Basic SAML configuration:

  1. In the Azure portal, select the Samsung Knox and Business Services application page, navigate to the Manage section and select Single sign-on.
  2. Select SAML as the single sign-on method.
  3. Under Basic SAML Configuration, enter the SAML info from your Samsung Knox settings:
    For the Identifier (entity ID) field, enter
    For the Reply URL (assertion consumer service URL) field, enter
  4. Under SAML Signing Certificate, copy the App federation metadata URL.
  5. Navigate back to your Samsung Knox account settings. Under App federation metadata URL, paste the value you copied in Step 4.
  7. In the AD log in window that appears, enter your AD credentials.
NOTE - Once you verify the connection, a warning popup appears. If you click Continue, you can no longer use your Samsung Account credentials to sign into Knox services.

Tutorial Progress

You've completed 2/4 steps!

<< PreviousNext >>

Share it: