# KnowledgeOwl

#### KnowledgeOwl Configuration

* Log into your KnowledgeOwl admin session and in Settings, click on Security

* In the SAML SSO Integration section, click on Enable SSO and fill the following fields:

  * IdP entityID

  ```exp
  https://mydomain.trustelem.com/app/33XXXX
  ```

  * IdP Login URL

  ```exp
  https://mydomain.trustelem.com/app/33XXXX/sso
  ```

  * IdP Logout URL

  ```exp
  https://mydomain.trustelem.com/app/33XXXX/on_logout
  ```

* Click on Map SAML Attributes and fill the following fields:

  * Username / Email

  ```exp
  email
  ```

  * First Name

  ```exp
  firstname
  ```

  * Last Name

  ```exp
  lastname
  ```

* If needed, you can map other attributes and send them with the advanced settings script on Trustelem, for example:

```ts
function CustomSAMLResponse(msg: SAMLResponse, user: User, groups: Groups, deny: Deny): void {
    msg.setAttr("username", user.firstname+"."+user.lastname);
}
```

* Download the Trustelem certificate and import it by clicking on Upload IdP Certificate

* In Advanced Option, check the second option, Issue a remote logout request using the IdP logout URL when a reader logs out

* You can restrict access to SSO by checking Restrict Access to SSO

#### Trustelem Configuration

* On Trustelem, write your KnowledgeOwn base in the corresponding field