
Create SAML application in Microsoft Entra ID

Use this procedure to configure Single Sign-On (SSO) between your DigiCert® account and Entra using SAML 2.0.

You’ll need to complete setup in both DigiCert and Entra, and switch between the two tabs to exchange URLs and metadata.

Once completed, users in your account will be able to sign in to DigiCert from their Entra dashboard or via the DigiCert sign-in page with their Entra credentials.

Note

For more information, refer to Microsoft Learn.

Before you begin

You'll need elevated privileges in your DigiCert account and in Entra to configure SSO:

  • Account admin user group required in DigiCert account.

  • Application Administrator or equivalent role required in Entra.

Step 1: Open DigiCert account

  1. In the DigiCert® account menu, select the Accounts icon > Sign-in methods.

  2. Select Single sign-on with SAML.

  1. In the Connect DigiCert to your IdP section, select Download DigiCert metadata.

  2. Leave this window open.

Step 2: Open Entra

  1. Sign in to the Microsoft Entra admin center.

  2. In the left-hand navigation menu, navigate to Microsoft Entra ID > Manage > Enterprise applications.

  3. Select New application.

  4. In the Search application field, enter DigiCert.

  5. Select the application for DigiCert, Inc.

  6. In the Name field, change the name to DigiCert account.

  7. Select Create.

  1. Select the DigiCert account application you just created.

  2. In the left-hand menu, select Manage > Single sign-on.

  3. Go to the SAML Certificates section.

  4. Select Download next to Federation Metadata XML.

3. Upload DigiCert metadata

On the same page where you just downloaded the Entra metadata, upload the DigiCert metadata you downloaded in Step 1:

  1. Select Upload metadata file.

  2. Leave this window open.

Step 3: Back in DigiCert account

In the Connect your IdP to DigiCert section, select Upload IdP metadata.

  1. In the Enable/Disable SSO with SAML section, toggle to enable SSO.

  2. Select Save configuration.

Step 4: Back in Entra

In Microsoft Entra admin center:

  1. Go to Manage > Enterprise applications.

  2. Select the DigiCert account application you just created.

  3. From the application's overview, select Assign users and groups.

  4. Select +Add user/group.

In Microsoft Entra admin center:

  1. Go to Manage > Enterprise applications.

  2. Select the DigiCert account application you just created.

  3. Select Manage > Single sign-on.

  4. Select Test this application.

  5. Select Test sign in.

  6. On the Success! page, select Done.

  7. On the Let's keep your account secure page, select Next.

  8. On the second Success! page, select Done.

  9. On the second Let's keep your account secure page, select Next.

    Tip

    • Your SAML app is configured correctly if you are redirected to DigiCert account and asked to complete two-factor authentication (2FA).

    • If you are not redirected to the 2FA page in DigiCert account, please compare your app settings to the instructions above or contact DigiCert support for assistance.

DigiCert logos

Use of DigiCert's logo must at all times comply with DigiCert brand guidelines, including the DigiCert Trademark Usage Guidelines available at https://www.digicert.com/legal-repository/ (as updated from time to time).

DigiCert logos for SSO configuration.