Convert a SAML SSO-only or SAML SSO account user

Before you begin

Before you begin

  • Have SAML enabled for your account
  • Be an admin in your account
  • Be a manager with SAML access permissions

See SAML single sign-on prerequisites.

To convert a SAML SSO-only user to an account user, the administrator or manager can't be a SAML SSO-only type user.

Convert a SAML SSO user

  1. Go to the user details page

    1. In the sidebar menu, click Account > Users.
    2. On the Users page, locate the user and click the user's Name link.
  1. Convert the user

    In the User Access sections use one of these options to convert the user account:

    • Convert an account user to a SAML SSO-only User
      To convert an account user to a SAML SSO-only user, check the Only allow this user to log in through SAML SSO box.
    • Convert a SAML SSO-only User to an Account User
      To convert a SAML SSO-only user to an account user, uncheck the Only allow this user to log in through SAML SSO box.

When you convert a user to a SAML SOO-only user, that user's CertCentral password is revoked, and they can no longer sign in to their CertCentral account directly via the DigiCert URL.

  1. Save changes

    When you are finished, click Update User.

What's next

Users who are converted to account users will be sent an email with instructions for completing their account setup and signing in.

Users who are converted to SAML SSO-only users will be sent an email with the custom SSO URL for signing into their account. They can also access the custom SSO URL from the DigiCert Account Login page.

Are you using an IdP initiated login URL to sign in to your CertCentral account? You'll need to provide the new manager with this IdP initiated URL or application.