SSO Requirements and Considerations
Only one Identity Provider (IdP) is supported per company
Users are identified by email only
SSO users are created after the first successful login
Older setups may have domain configuration differences
Email delivery issues can impact SSO workflows, such as not receiving password reset emails or user creation notifications.
Common SSO Issues and Fixes
Before You Start, answer these questions to narrow down the issue:
Is the issue affecting one user or multiple users?
Does the issue happen every time or only sometimes?
Does it work in an incognito or private browser window?
These answers help determine the root cause faster.
“We Can’t Find Your User” Error
Knak matches users by email. Your Identity Provider (IdP) must send the user’s email as the SAML NameID for SSO to work correctly.
Azure
Update your Azure SSO configuration:
Open your Knak Enterprise Application in Azure
Go to Single Sign-On (SAML)
Find Unique User Identifier (Name ID)
Set the value to:
user.mail
Save your changes
Retry Continue with SSO
Okta
Okta sends email by default. Issues usually happen after customization.
Open your Knak app in Okta
Go to Sign On settings
Locate Name ID format / Application username
Set it to use the user’s email
Save and retry login
Ping (or Other SSO Providers)
Your IdP must send email as the SAML NameID.
Open your IdP SAML configuration for Knak
Locate NameID settings
Set NameID to the user’s email address
Save changes
Retry login
"Continue with SSO" Button Fails but Direct Login Works
You can log in using your company’s SSO login URL, but the “Continue with SSO” button does not work.
Why this Happens:
These two login methods handle your identity differently:
“Continue with SSO” button
→ Requires your email to match exactly in KnakDirect IdP login URL
→ May allow login using a different identifier
If your Identity Provider (IdP) sends something other than your email (such as a username or internal ID), the button flow will fail.
How to Fix
Update your IdP to send your email as the SAML NameID.
Ensure the identifier matches your email in Knak
Retry using “Continue with SSO” after updating
How to Confirm
Try logging in using the direct IdP URL
If that works, but the button fails, this is likely the issue
One User Cannot Log In
Potential Reasons:
Email address was recently changed
User was removed and re-added
IdP and Knak emails do not match
How to Fix
Confirm the email in your IdP matches your Knak account
Retry login after updating
SSO Works Sometimes but Not Always
Intermittent failures or "redirect to Knak login" that resolves on retry. Other browsers and incognito mode resolves the login issue.
Potential Reasons:
Browser session or cookie issue
How to Fix
Open Knak in your browser
Click the lock icon in the address bar
Open site settings
Clear cookies for Knak
Close all tabs
Reopen and sign in again
💡 You can also test using an incognito or private window
Redirected to Knak Login Instead of Your IdP
You click “Continue with SSO”, but instead of being redirected to your Identity Provider (IdP), you are taken back to the Knak login page.
Potential Reasons:
Knak cannot determine which IdP to send you to. This usually happens when:
Your SSO configuration is incomplete or misconfigured
Your company’s domain or connection is not recognized
There is a mismatch between expected login domains
How to Fix
Step 1: Try direct login
Use your company’s SSO login URL
If this works, your SSO setup is partially correct.
Step 2: Contact Knak Support
Share the following details:
Your company name
Your user email
What happens when you click “Continue with SSO”
Whether all users are affected
Whether the issue started after a recent SSO change
Whether direct login also fails
Logout Does Not Redirect to Your SSO login page
You log out of Knak, but you are not redirected to your Identity Provider (IdP) logout screen.
Potential Reason:
A logout redirect URL is not configured for your account
How to Fix
Contact Knak Support
Share your user access URL
Support will configure the logout redirect for your account
SSO Fails for Multiple Users
Several users from your company cannot log in at the same time.
Potential Reasons:
IdP outage or configuration issue
Possible system-wide issue
How to Fix
Check with your internal admin
Contact support with details
Common Email Issues
Email delivery problems can impact account access and SSO workflows.
Examples include:
Users do not receive password reset emails.
Specific recipients do not receive emails sent from Knak.
Users created using Create SSO User do not receive an invitation email.
Steps to Troubleshoot Email Delivery
Check Spam or Junk Folders
Ask the user to review their spam or junk folders.
Review Email Filtering
If only specific recipients are affected, their email system may be blocking messages.
Ask the organization's email administrator to:
Whitelist the Knak sending domain.
Whitelist the sender address used by Knak.
Verify the Email Address
Confirm the email address is correct in the Users section of Knak.
Navigate to the Admin area of Knak.
Click the Users tab.
Locate the affected user.
Click the Edit icon next to the user.
Review the email address listed in the user details.
Confirm the email address matches the intended recipient.
Correct the email address if needed.
If the user needs a new invitation email, return to the Users list and click the Envelope icon next to the user to resend the invitation.
Forgot Password Email Not Received
If a user does not receive the password reset email:
Have an administrator set a temporary password for the user.
Ask the user to log in with the temporary password.
Have the user update their password.
Continue using password authentication or SSO.
Users Created with "Create SSO User" Do Not Receive A Knak Invite Email
Users created using Create SSO User do not receive the standard Knak invitation email.
Their account is finalized after their first successful login through the Identity Provider. This process automatically creates their profile in Knak.
Need more help? Contact support via live chat using the chat bubble in the bottom right corner or email support@knak.com.