Convert an account user to SAML SSO-only
Restrict an existing account user to authenticate exclusively through SAML SSO. Use this when your organisation moves a user to centralised identity management and direct CertCentral sign-in is no longer permitted.
Before you begin
SAML SSO must be configured and tested for your account before restricting users.
Confirm the user exists in the identity provider before applying this restriction.
Ensure at least one administrator retains access through an unrestricted method to prevent account lockout.
Important
After this change, the user cannot sign in with CertCentral credentials and loses the ability to modify their own username or email address.
Convert to SAML SSO-only
In the CertCentral main menu, go to Account > Users.
Select the user you want to update.
Locate Authentication settings.
Select Only allow this user to log in through SAML SSO.
Select Update user.
The user must now authenticate through the configured identity provider.