# Execute Response Actions with KnowBe4

In this guide, you'll configure the integration between KnowBe4 and Radiant to automatically enroll users in additional training after simulated phishing attacks. Users who clicked on malicious links or downloaded malicious files will be added to a KnowBe4 smart group and enrolled in remedial phishing training.

<details>

<summary><i class="fa-bolt-lightning">:bolt-lightning:</i> <mark style="color:red;">Available actions</mark></summary>

The following action is available after you set up the KnowBe4 action connector. Keep in mind, additional permissions are required.

* Enroll in phishing training

</details>

### Prerequisites

This configuration requires the following:

* [ ] Platinum or Diamond-level license to use the smart groups functionality
* [ ] Administrator of the KnowBe4 account

### **Create a Product API Token in KnowBe4**

Create the Product API token to share with Radiant Security. The token will allow the app to authenticate to KnowBe4.

1. Login to your KMSAT console, click your email address at the top-right corner of the page and select **Account** **Settings**
2. Navigate to **Account** **Integrations** > **API**

<div align="left"><figure><img src="https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2FoE6EB1Kv0JLKF9BVQwwN%2FAction_Connector_KB4_01.webp?alt=media&#x26;token=4d7909c4-16d1-46f1-82b6-c52f090e6e6c" alt="" width="375"><figcaption></figcaption></figure></div>

3. Click **User Event API**
4. On the **Create New API Token** page, fill in the **Name** field with `Radiant Security App`
5. Click **Create Token**
6. Under **Key**, click the copy icon to copy the API token you just created

<div align="left"><figure><img src="https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2FKNrQecvhymVleqTHHffy%2FAction_Connector_KB4_02.png?alt=media&#x26;token=8e662025-9da6-4b47-b4ef-bd43a1e995fd" alt="" width="375"><figcaption></figcaption></figure></div>

{% hint style="info" %}
**Note:** Be sure to save the API token as it will be needed in the next section.
{% endhint %}

### **Add the action connector in Radiant Security**

Add the new action connector to Radiant Security.

1. Login to [Radiant Security](https://app.radiantsecurity.ai/)
2. From the navigation menu, select **Settings** > **Action Connectors**
3. Click **+ Add Connector**
4. Select **KnowBe4** from the menu and click **Credentials**
5. Under **Required Credentials**, add the following:

* **User Event API**: The Product API Token that you copied from the KMSAT console.
* **Base URL**:  Select the appropriate base URL depending on where your KnowBe4 account is located. From the drop-down, choose from the following options:
  * US server (located at [training.knowbe4.com](https://training.knowbe4.com/)): `https://api.events.knowbe4.com/`
  * EU server (located at [eu.knowbe4.com](https://eu.knowbe4.com/)): `https://api-eu.events.knowbe4.com/`

6. Click **Add Connector** to save the connector configuration

### Create a smart group from custom event criteria

Create a smart group in KnowBe4. When users match the custom event criteria, they will be automatically added to this smart group.

{% hint style="info" %}
**Note**: It may take up to 1 hour from an event publish until the user is added to the smart group. This is dependent on KnowBe4’s background processing and is not configurable.
{% endhint %}

1. Log in to your KMSAT console and navigate to **Users** > **Groups**.
2. Click the **+ Create New Group** button at the top-right corner of the page.
3. Enter a group name in the **Group Name:** `Radiant Security Impacted User`
4. Select the **Make this a Smart Group** checkbox.
5. Click **Create Group**. When you click this button, the Smart Group’s overview page will open.
6. From this page, click the **Smart Group Criteria** drop-down menu and select the criteria type **Custom Event Criteria**.
7. Fill in the criteria using the information below:
   * **Condition**: `Must`
   * **Event Type**: `Radiant Security Impacted Users`
   * **Event Source** (optional): `<blank>`
   * **Event External Id** (optional): `<blank>`
   * **Description** (optional): `Radiant Security enrolled user in training`
   * **Matcher**: `Greater than`
   * **Count**: `0`
   * **Time Frame**: `Any`

### Create a remedial training campaign

Finally, add the newly created smart group to a new or existing remedial training campaign. Follow the [KnowBe4 documentation](https://support.knowbe4.com/hc/en-us/articles/206280728-How-to-Set-Up-a-Remedial-Training-Campaign) to complete these steps.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/execute-response-actions-with-knowbe4.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.