Back to top
Home / Samsung Knox / Register for Samsung Knox / Single sign-on /

Configure Microsoft Azure AD SSO settings

Last updated October 25th, 2023

Note

If you enable Azure AD as a sign-in method, you can’t use your Samsung account to sign in to Knox services.

On the Knox Admin Portal

  1. In the top-right corner, click your account icon > My account.
  2. On the Manage your Account page, click the SSO SETTINGS tab.

The SSO settings tab on the Knox Admin Portal.

On the Microsoft Azure portal

Next, add the Samsung Knox and Business Services app:

  1. Under Azure services, click Azure Active Directory.

    The Azure Active Directory button on the Microsoft Azure portal.

  2. In the left sidebar, click Enterprise Applications.

    The Enterprise applications link on the Microsoft Azure portal.

  3. Select New application.

    The New application button on the Microsoft Azure portal.

  4. In the Browse Azure AD Gallery section, enter Samsung Knox and Business Services in the search box.

  5. Select the Samsung Knox and Business Services app from the results and add it.

    The Samsung Knox and Business Services app.

Then, assign users and groups to the Samsung Knox and Business Services app:

  1. In the left sidebar, click Users and groups.

    The Users and groups link on the Microsoft Azure portal.

  2. Click Add user/group.

    The Add user/group button on the Microsoft Azure portal.

  3. On the Add Assignment screen, under Users and groups, click None Selected.

    The None selected link on the Microsoft Azure portal.

  4. In the list of users and groups, search for and select the users and groups to assign to the app. Then, click Select.

    Note

    Selected users must have an Azure Active Directory account.

    The list of users and groups on the Microsoft Azure portal.

  5. At the bottom of the screen, click Assign to allow the users to access the app.

On the Knox Admin Portal

Finally, follow the steps below to set up the Basic SAML configuration:

  1. In the Azure portal, select the Samsung Knox and Business Services application page, navigate to the Manage section and select Single sign-on.

    The Single sign-on link on the Microsoft Azure portal.

  2. Select SAML as the single sign-on method.

    The SAML tile on the Microsoft Azure portal.

  3. Under Basic SAML Configuration, enter the SAML info from your Samsung Knox settings:

    • For the Identifier (entity ID) field, enter https://www.samsungknox.com.
    • For the Reply URL (assertion consumer service URL) field, enter https://central.samsungknox.com/ams/ad/saml/acs.
    • For the Sign on URL field, enter https://account.samsung.com/.

    The Basic SAML Configuration page on the Microsoft Azure portal.

  4. Under SAML Signing Certificate, copy the App federation metadata URL.

    The Azure Active Directory button on the Microsoft Azure portal.

  5. Navigate back to your Samsung Knox account settings. Under App federation metadata URL, paste the value you copied in Step 4.

    The SSO settings on the Knox Admin Portal

  6. Click CONNECT TO SSO.

  7. In the sign-in window that opens, enter your AD credentials.

    The corporate AD connection screen on SamsungKnox.com.

Caution

Once you verify the connection, a warning popup appears. If you click Continue, you can no longer use your Samsung account credentials to sign in to Knox services.

Is this page helpful?