Back to top

Configure Ping Identity settings

Last updated June 26th, 2024

If you enable Ping Identity as a sign-in method, you cannot use Samsung account to sign in to Knox services.

On the Knox Admin Portal

  1. In the top-right corner, click your account icon > My account.
  2. On the Manage your Account page, click the IDENTITY PROVIDER SETTINGS tab.

On the Ping Identity portal

  1. In the left sidebar, click Connections, then Applications.

    The Applications menu on the Knox Admin Portal

  2. Click Add Application.

  3. Under SELECT AN APPLICATION TYPE, select WEB APP. In the prompt that appears, next to SAML, click Configure.

    The WEB APP tile on the Ping Identity portal

  4. On the Create App Profile screen, enter the following information:

    • APPLICATION NAME — Samsung Knox and Business Services
    • DESCRIPTION — Samsung Knox is a comprehensive suite of enterprise solutions for security, manageability, and productivity.
  5. Then, click Next.

  6. On the Configure SAML Connection screen, under PROVIDE APP METADATA, select Manually Enter.

  7. Under ACS URLS, enter https://central.samsungknox.com/ams/ad/saml/acs.

  8. Under ENTITY ID, enter https://www.samsungknox.com/.

    The app metadata and entity ID fields on the Ping Identity portal

  9. Under Assertion validity duration, enter 60 seconds, then click Save and Continue.

  10. Next, configure the attributes:

  • PingOne users — On the Attribute Mapping screen, under SAML ATTRIBUTES, click ADD ATTRIBUTE > PingOne Attribute. Then, enter the following information in the new attribute:

    1. PINGONE USER ATTRIBUTE — Email Address

    2. APPLICATION ATTRIBUTEhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/name.

    3. Next to Required, select the checkbox.

      The SAML attributes on the Ping Identity portal

  • PingFederate users — add a new attribute for Email Address and map it to the following application attribute — http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

  1. Then, click Save and Close.

  2. On the Applications screen, locate the Samsung Knox and Business Services item and click the toggle to enable it.

  3. Expand the application details and click Configuration. Note the IDP METADATA URL for later.

On the Knox Admin Portal

  1. In your Samsung Knox account settings, under App federation metadata URL, paste the IDP METADATA URL value you copied in Step 12.

  2. Click CONNECT.

  3. In the sign-in window that opens, enter your Ping Identity credentials.

Is this page helpful?