Skip to main content

Edit your single sign-on with SAML configuration

After configuring single sign-on, update the configuration settings as needed:

  • Disable and enable single sign-on

  • Update your IDP metadata

  • Upload a new SAML certificate

  • Download DigiCert metadata

  • Disable DigiCert ONE password authentication

Update your SSO configuration

  1. Sign in to DigiCert ONE.

  2. Navigate to the Manager menu icon (top-right), select Account.

  3. In the left navigation menu, select Accounts.

  4. On the Accounts page, select the Name of the account.

  5. On the Account details page, in the Sign-in settings for all-account-access users section, select the Single sign-on (SSO) pencil (edit icon).

  6. Disable or enable single sign-on for your account

    Enable or disable SSO sign-on for your account as needed.

    On the Edit single sign-on access page, select one of the following options:

    • Enable SSO sign in

    • Disable SSO sign-in

  7. Update your IDP metadata in DigiCert ONE

    1. In the Upload your identity provider (IDP) metadata section, select Re-upload IDP metadata to upload a new version of your IDP metadata to DigiCert ONE.

    2. Under IDP metadata details, verify your IDP URL.

  8. Upload a new SAML certificate

    Under SAML Certificate details, you will see the certificates Common Name, Expiry Date, and Thumbprint (SHA256).

    As needed, you can upload a new SAML certificate to DigiCert ONE. For example, you will want to upload a new SAML certificate before the existing one expires.

  9. Collect DigiCert metadata for your IDP

    In the Download DigiCert metadata section, copy the DigiCert metadata to configure in your IDP service (step 10).

    1. SSO URL

      Copy the SSO URL and add it to your IdP to help make the SSO connection.

    2. XML file

      Select Download DigiCert metadata, download the DigiCert XML formatted metadata file, and add it to your IdP.

  10. When ready, select Save.

  11. Configure your IDP service

    Important

    Your SSO integration will not work until you add the DigiCert metadata to your IDP.

    1. Configure your IDP service with the metadata collected in step 8.

    2. Make sure authentication from your IDP signs both the response and the assertion.

      Note

      Signing SAML response is optional.