When converting SAML SSO-only and account users, it's important to understand the differences in the processes.
When you convert an account user to a SAML SSO-only user, the account user’s password gets revoked. They can no longer sign in to their CertCentral account directly via the DigiCert URL. If you ever convert them back to an account user, they'll need to complete their account setup again.
They will receive an email that contains the custom SSO URL used to sign in to their CertCentral account. They can also access the custom SSO URL from the DigiCert Account Login page.
When you convert a SAML SSO-only user account to an account user, the user will receive an email with instructions for completing their account setup and signing in.
To convert a SAML SSO-only user to an account user, the administrator or manager can't be a SAML SSO-only user.
If you opt to use an IdP initiated login URL, you need to provide it to all your users.
If you want your users to only use your IdP initiated URL to sign in to their account, you need to instruct them not to use the one provided in the email sent to them. You also need to tell them to ignore the If you use SSO, click here to login link on the DigiCert account sign-in page.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.