To streamline the process, we recommend keeping two browser tabs open: one for your DigiCert® account and another for your Identity Provider (IdP). This setup allows you to easily reference both platforms and complete the configuration without interruptions.
Before configuring SAML in your DigiCert® account:
Have administrator access to your company's IdP service, such as Active Directory, Okta, Salesforce, or another user management service.
Make sure your IdP signs the assertion when it authenticates users.
Note
Signing the SAML response is optional.
Have your IdP metadata and SAML certificate.
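To confirm the prerequisite that your IdP signs the assertion (with response signing optional), the following added example, which is not DigiCert's code, inspects a decoded SAML response captured from a test sign-in and reports where the signatures sit. It checks structure only and does not validate any signature cryptographically; the function names, sample XML, and IDs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def _signed(element):
    """True if element has a direct-child ds:Signature whose single Reference targets its own ID."""
    sig = element.find("ds:Signature", NS)  # direct children only, not nested signatures
    if sig is None:
        return False
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    return len(refs) == 1 and refs[0].get("URI") == "#" + element.get("ID", "")

def signature_placement(response_xml):
    """Report where a decoded SAML response carries signatures (structure only, no crypto)."""
    root = ET.fromstring(response_xml)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 Response")
    assertions = root.findall("saml:Assertion", NS)
    return {
        "response_signed": _signed(root),
        "assertions": len(assertions),
        "assertion_signed": bool(assertions) and all(_signed(a) for a in assertions),
        # Encrypted assertions cannot be inspected without the SP's private key.
        "encrypted_assertions": len(root.findall("saml:EncryptedAssertion", NS)),
    }

def _sample(sign_response, sign_assertion):
    # Constructed sample: IDs are made up and signature values are omitted.
    sig = ('<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>'
           '<ds:Reference URI="#%s"/></ds:SignedInfo></ds:Signature>')
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp1">'
        + (sig % "_resp1" if sign_response else "")
        + '<saml:Assertion ID="_assert1">'
        + (sig % "_assert1" if sign_assertion else "")
        + '<saml:Subject/></saml:Assertion></samlp:Response>'
    )

if __name__ == "__main__":
    # Response-only signing does not meet the prerequisite; assertion signing does.
    print(signature_placement(_sample(sign_response=True, sign_assertion=False)))
    print(signature_placement(_sample(sign_response=False, sign_assertion=True)))
```

A result with `assertion_signed` set to `False` and `response_signed` set to `True` means the IdP is signing only the response, so its signing option needs to be changed before you upload the metadata.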
Sign in to your DigiCert account.
In the left menu, select Accounts > Sign-in methods.
Select Single-Sign-On with SAML.
In the Connect your IdP to DigiCert section, upload your IdP metadata (including the SAML certificate) to allow DigiCert to communicate with your IdP for SAML authentication.
Select Download DigiCert metadata.
In the Connect DigiCert to your IdP section, upload the DigiCert metadata to your IdP to enable your IdP to communicate with DigiCert for SAML authentication.
Once both steps are completed, in the Enable/Disable SSO with SAML section, toggle the button to enable SSO with SAML.
Select Save configuration.
When 2FA is enabled, DigiCert will prompt you to enter an OTP when signing in, even if you have already provided an OTP to your identity provider (IdP).