Skip to main content

Convert a SAML SSO-only or SAML SSO account user

Before you begin

Before you begin, make sure these prerequisites are met:

  • You have SAML enabled for your account.

  • You are an administrator in your account (or a manager in your account with the Allow access to SAML settings permission).

See SAML single sign-on prerequisites.

Notice

To convert a SAML SSO-only user to an account user, the administrator or manager can't be a SAML SSO-only type user.

Convert a SAML SSO user

  1. Go to the user details page

    1. In the sidebar menu, click Account > Users.

    2. On the Users page, locate the user and click the user's Name link.

  2. In the User Access sections, use one of these options to convert the user account:

    • Convert an account user to a SAML SSO-only User: To convert an account user to a SAML SSO-only user, check the Only allow this user to log in through SAML SSO box.

    • Convert a SAML SSO-only User to an Account User: To convert a SAML SSO-only user to an account user, uncheck the Only allow this user to log in through SAML SSO box.

    Important

    When you convert a user to a SAML SSO-only user, that user's CertCentral password gets revoked. That means they can no longer sign in to their CertCentral account directly via the DigiCert URL.

  3. When you are finished, select Update User.

What's next

Users who are converted to account users will be sent an email with instructions for completing their account setup and signing in.

Users who are converted to SAML SSO-only users will be sent an email with the custom SSO URL for signing into their account. They can also access the custom SSO URL from the DigiCert Account Login page.

Notice

Are you using an IdP initiated-login URL to sign in to your CertCentral account? If you are, you need to provide the new user with this IdP initiated URL or application.