Convert a SAML SSO-only or SAML SSO account user

Before you begin

Before you begin, make sure these prerequisites are met:

  • Have SAML enabled for your account
  • Are an admin in your account (or a manager in your account with the Allow access to SAML settings permission)

See SAML single sign-on prerequisites.

To convert a SAML SSO-only user to an account user, the administrator or manager can't be a SAML SSO-only type user.

Convert a SAML SSO user

  1. Go to the user details page

    1. In the sidebar menu, click Account > Users.
    2. On the Users page, locate the user and click the user's Name link.

  1. Convert the user

    In the User Access sections use one of these options to convert the user account:

    • Convert an account user to a SAML SSO-only User
      To convert an account user to a SAML SSO-only user, check the Only allow this user to log in through SAML SSO box.
    • Convert a SAML SSO-only User to an Account User
      To convert a SAML SSO-only user to an account user, uncheck the Only allow this user to log in through SAML SSO box.

When you convert a user to a SAML SOO-only user, that user's CertCentral password is revoked, and they can no longer sign in to their CertCentral account directly via the DigiCert URL.

  1. Save changes

    When you are finished, click Update User.

What's next

Users who are converted to account users will be sent an email with instructions for completing their account setup and signing in.

Users who are converted to SAML SSO-only users will be sent an email with the custom SSO URL for signing into their account. They can also access the custom SSO URL from the DigiCert Account Login page.

Are you using an IdP initiated login URL to sign in to your CertCentral account? You'll need to provide the new user with this IdP initiated URL or application.

About

DigiCert is the world’s premier provider of high—assurance digital certificates—providing trusted SSL, private and managed PKI deployments, and device certificates for the emerging IoT market. Since our founding almost fifteen years ago, we’ve been driven by the idea of finding a better way. A better way to provide authentication on the internet. A better way to tailor solutions to our customer’s needs. Now, we’ve added Symantec’s experience and talent to our legacy of innovation to find a better way to lead the industry forward, and build greater trust in identity and digital interactions.

©2019 DigiCert, Inc. All rights reserved. DigiCert and its logo are registered trademarks of DigiCert, Inc. Symantec and Norton and their logos are trademarks used under license from Symantec Corporation. Other names may be trademarks of their respective owners.