Edit your single sign-on with SAML configuration
After configuring single sign-on, update the configuration settings as needed:
Disable and enable single sign-on
Update your IDP metadata
Upload a new SAML certificate
Download DigiCert metadata
Disable DigiCert ONE password authentication
Update your SSO configuration
Sign in to DigiCert ONE.
Navigate to the Manager menu icon (top-right), select Account.
In the left navigation menu, select Accounts.
On the Accounts page, select the Name of the account.
On the Account details page, in the Sign-in settings for all-account-access users section, select the Single sign-on (SSO) pencil (edit icon).
Disable or enable single sign-on for your account
Enable or disable SSO sign-on for your account as needed.
On the Edit single sign-on access page, select one of the following options:
Enable SSO sign in
Disable SSO sign-in
Update your IDP metadata in DigiCert ONE
In the Upload your identity provider (IDP) metadata section, select Re-upload IDP metadata to upload a new version of your IDP metadata to DigiCert ONE.
Under IDP metadata details, verify your IDP URL.
Upload a new SAML certificate
Under SAML Certificate details, you will see the certificates Common Name, Expiry Date, and Thumbprint (SHA256).
As needed, you can upload a new SAML certificate to DigiCert ONE. For example, you will want to upload a new SAML certificate before the existing one expires.
Collect DigiCert metadata for your IDP
In the Download DigiCert metadata section, copy the DigiCert metadata to configure in your IDP service (step 10).
SSO URL
Copy the SSO URL and add it to your IdP to help make the SSO connection.
XML file
Select Download DigiCert metadata, download the DigiCert XML formatted metadata file, and add it to your IdP.
When ready, select Save.
Configure your IDP service
Important
Your SSO integration will not work until you add the DigiCert metadata to your IDP.
Configure your IDP service with the metadata collected in step 8.
Make sure authentication from your IDP signs both the response and the assertion.
Note
Signing SAML response is optional.