Configure SAML SSO for DigiCert Private CA
Configure DigiCert Private CA in a customer-hosted environment to use your organization’s identity provider for SAML single sign-on.
Before you begin
Review the following topics:
SAML SSO prerequisites and required attributes
Service provider endpoints for SAML SSO
You need access to the local superadmin account for your DigiCert Private CA instance.
Configure SAML SSO
Sign in to the Private CA as the local superadmin user.
In the left navigation menu, select Settings > SAML SSO.
Turn on Enable SSO sign-in.
Select Download DigiCert metadata.
In your identity provider, create or configure a SAML 2.0 application for DigiCert Private CA. Use the DigiCert Private CA service provider metadata or manually enter the service provider endpoints.
In your identity provider, configure the required SAML attributes:
emailfirstNamelastName
Download the identity provider metadata XML from your identity provider.
In the Private CA, upload the identity provider metadata XML.
Select Save.
Next step
After you save the SAML configuration, validate SSO sign-in and logout.