Authentication methods

Understand and select your preferred authentication method in Knock.

Overview

We support three methods of authenticating users to get access to the Knock dashboard: email based passwordless authentication, Google SSO, and SAML 2.0 SSO.

Email (passwordless)

With this authentication method users will receive an email to authenticate themselves in order to access the Knock dashboard. The email contains a "magic link" that expires after 5 minutes of being generated. Clicking the link will authenticate the user and grant access to the Knock dashboard.

Google SSO

Users can authenticate using their Google account to access their Knock account. Google SSO works for both personal and organizations using Google Workspace (formerly G Suite).

SAML 2.0 SSO

Users can authenticate with their chosen corporate identity provider (i.e. Okta) to access their Knock account.

Once SSO is enabled for an account, all members are redirected through that identity provider's authentication flow. Moving forward, they must pass through SSO to access their Knock account.

Note: SAML 2.0 SSO is only available to Growth and Enterprise plan customers. Enabling SAML 2.0 SSO will force all members of your account on a matching domain to authenticate via your identity provider.