Skip to main content

SAMLを使用したシングルサインオンを構成する

To streamline the process, we recommend keeping two browser tabs open: one for )DigiCert​​®​​ account and another for your Identity Provider (IdP). This setup allows you to easily reference both platforms and complete the configuration without interruptions.

Prerequisites

Before configuring SAML in DigiCert​​®​​ account:

  • 会社の IdP サービス(Active Directory、Okta、Salesforce、その他のユーザー管理サービスなど)に対して、管理者アクセス権があること。

  • PingOne や Okta などの自社のIDPサービスにアクセスでき、使い慣れていること。

  • IDP メタデータと SAML 証明書を所有していること。

To enable and configure SSO with SAML

  1. DigiCert アカウントにサインインします。

  2. DigiCert アカウントメニューで、[アカウント]アイコンから[Sign-in methods]を選択します。

  3. Select Single-Sign-On with SAML.

  4. In the Connect DigiCert to your IdP section, upload the DigiCert metadata to your IdP to enable your IdP to communicate with DigiCert for SAML authentication.

    Where do I upload DigiCert metadata in my IdP?

  5. Select Download DigiCert metadata.

  6. In the Connect your IdP to DigiCert section, upload your IdP metadata (including the SAML certificate) to allow DigiCert to communicate with your IdP for SAML authentication.

    Where do I find my IdP metadata?

  7. Once both steps are completed, in the Enable/Disable SSO with SAML section, toggle the button to enable SSO with SAML.

  8. Select Save configuration.

Troubleshooting

To configure SSO with SAML, you'll need to create DigiCert​​®​​ account an application in your IdP. During the process of creating this application, you'll need to provide DigiCert's metadata. Once the application is created, you can download your IdP metadata that you'll need to provide to DigiCert​​®​​ account.

ヒント

To perform this action, you must be an admin in your IdP.

Create SAML application in Okta

  1. Sign in to your Okta Admin dashboard

  2. Go to Applications > Applications.

  3. Select Create App integration:

    1. Select SAML 2.0 as the Sign-on method.

    2. Select Next.

    3. Enter DigiCert​​®​​ account as the App name.

    4. Optional: Add a logo to the App logo field.

  4. On the Configure SAML tab, complete the following fields:

    1. Paste the SSO URL from DigiCert account in both of the following fields:

      1. Single sign-on URL

      2. Audience URI (SP Entity ID)

  5. On the Sign On tab, scroll down to the SAML Signing Certificates section.

  6. Select the Actions button next to the active certificate.

  7. Select View Id P Metadata from the drop-down menu.

  8. A new browser tab will open with the metadata.

  9. Right-click anywhere on the page and select Save As or Save Page As.

  10. Choose a location to save the file.

  11. Upload the metadata file in DigiCert​​®​​ account.

注記

For more information, refer to Okta Help Center.

Create SAML application in Microsoft Azure

  1. Sign in to the Microsoft Entra admin center.

  2. In the left-hand navigation menu, navigate to Identity > Applications > Enterprise applications.

  3. Select New application.

  4. From the application's overview, select Single sign-on > SAML from the left-hand menu.

  5. Select the pencil icon next to the Basic SAML configuration section.

  6. Select Upload metadata file from DigiCert​​®​​ account.

  7. Select Single sign-on from the left-hand menu.

  8. Scroll down to the SAML Signing Certificate section.

  9. Select Download next to Federation Metadata XML.

  10. Upload the metadata file in DigiCert​​®​​ account.

注記

For more information, refer to Microsoft Learn.

Two-Factor Authentication and SSO with SAML

2FA が有効になっている場合、たとえ IdP (ID プロバイダ)に対してすでに OTP を入力していても、デジサートはサインイン時に OTP の入力を再度求めます。

このセクションの内容: