Configure Ping Identity settings
Last updated June 26th, 2024
If you enable Ping Identity as a sign-in method, you cannot use Samsung account to sign in to Knox services.
On the Knox Admin Portal
- In the top-right corner, click your account icon > My account.
- On the Manage your Account page, click the IDENTITY PROVIDER SETTINGS tab.
On the Ping Identity portal
-
In the left sidebar, click Connections, then Applications.
-
Click Add Application.
-
Under SELECT AN APPLICATION TYPE, select WEB APP. In the prompt that appears, next to SAML, click Configure.
-
On the Create App Profile screen, enter the following information:
- APPLICATION NAME — Samsung Knox and Business Services
- DESCRIPTION — Samsung Knox is a comprehensive suite of enterprise solutions for security, manageability, and productivity.
-
Then, click Next.
-
On the Configure SAML Connection screen, under PROVIDE APP METADATA, select Manually Enter.
-
Under ACS URLS, enter https://central.samsungknox.com/ams/ad/saml/acs.
-
Under ENTITY ID, enter https://www.samsungknox.com/.
-
Under Assertion validity duration, enter 60 seconds, then click Save and Continue.
-
Next, configure the attributes:
-
PingOne users — On the Attribute Mapping screen, under SAML ATTRIBUTES, click ADD ATTRIBUTE > PingOne Attribute. Then, enter the following information in the new attribute:
-
PINGONE USER ATTRIBUTE — Email Address
-
APPLICATION ATTRIBUTE — http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.
-
Next to Required, select the checkbox.
-
-
PingFederate users — add a new attribute for Email Address and map it to the following application attribute — http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
-
Then, click Save and Close.
-
On the Applications screen, locate the Samsung Knox and Business Services item and click the toggle to enable it.
-
Expand the application details and click Configuration. Note the IDP METADATA URL for later.
On the Knox Admin Portal
-
In your Samsung Knox account settings, under App federation metadata URL, paste the IDP METADATA URL value you copied in Step 12.
-
Click CONNECT.
-
In the sign-in window that opens, enter your Ping Identity credentials.
On this page
Is this page helpful?