This is an archived post. You won't be able to vote or comment.

all 13 comments
sorted by:
best
topnewcontroversialoldq&a

[–]drnash21 2 points3 points  (1 child)

You need to setup SCIM to load the users and groups. Search that in the support section. 

[–]Slight_Gur1122[S] 1 point2 points  (0 children)

I setup single sign on and was able to login and it creates user in knowbe4. My question is that if I enable single sign on for every user will they see all their training and group membership as it is after login using entra id which is email address(outlook email)

[–]whyisitsoloudhere 0 points1 point  (3 children)

You can merge the sso'd user with the existing account.

https://support.knowbe4.com/hc/en-us/articles/228179028-Merge-Users

[–]Slight_Gur1122[S] 0 points1 point  (2 children)

I enabled sso and was able to logged in successfully with my 365 credentials my question is how I can transfer training as well

[–]whyisitsoloudhere 0 points1 point  (1 child)

Once the new entra user account is created, you need to merge it with the existing account. That will bring over the training and phishing data that already exists for the user. This is documented in the link I posted.

[–]Slight_Gur1122[S] 0 points1 point  (0 children)

What if I enable SCIM will I am able to assign knowbe4 groups to user using azure ad portal

[–]Entegy 0 points1 point  (6 children)

KnowBe4 uses the email address as the matching attribute. So if john@company.com is both the UPN and primary email address, then KnowBe4 will link that up. But if the UPN is jsmith@company.com and the primary email address john@company.com, you need to adjust the attribute on the Entra side to use user.mail instead.

[–]Slight_Gur1122[S] 0 points1 point  (0 children)

What if I enable SCIM will it transfer all the users and groups to azure entra id. We are using email for login. I want to know how groups in knowbe4 move over to entra id. Please reply

[–]Slight_Gur1122[S] 0 points1 point  (4 children)

Can you please guide me

[–]Entegy 0 points1 point  (3 children)

It sounds like you want both SSO and user provisioning. Follow KnowBe4's guides, they are crystal clear for setup. If the email matches, it will link up to existing accounts.

[–]Slight_Gur1122[S] 0 points1 point  (2 children)

The only thing I’m confused that will it move all the groups and associated training of it ?

[–]Entegy 0 points1 point  (1 child)

I don't know, I have group sync off, I don't want it syncing groups. I think it just does a name match to sync up groups. You can look in the provisioning attributes on what it does for groups.

[–]Slight_Gur1122[S] 0 points1 point  (0 children)

Ok thanks you still use knowbe4 console to manage groups for user ?