Skip to main content

Configure SAML SSO between DigiCert and Okta

This guide walks you through setting up Single Sign-On (SSO) between your DigiCert​​®​​ account and Okta using SAML 2.0.

You'll switch between DigiCert and Okta tabs to exchange metadata and URLs. Once setup is complete, users in your account can sign in to DigiCert using their Okta credentials, either from the Okta dashboard or the DigiCert sign-in page.

For more details about Okta configuration, refer to Okta Help Center.

Before you begin

To complete this setup, you need administrative access in both DigiCert and Okta:

  • Account admin user group required in DigiCert account.

    How do I check my user group?

  • Application Administrator or equivalent role required in Okta.

Step 1: Access DigiCert SSO settings

Access DigiCert's SAML configuration page and copy the SSO URL:

  1. In DigiCert​​®​​ account, select the Accounts icon > Sign-in methods.

  2. Select Single sign-on with SAML.

  3. In the Connect DigiCert to your IdP section, copy the SSO URL.

  4. Leave this window open.

Step 2: Create SAML app in Okta

In another tab, create a SAML application for your DigiCert account in Okta:

  1. Sign in to your Okta Admin dashboard.

  2. Go to Applications > Applications.

  3. Select Create App integration:

    1. Select SAML 2.0 as the Sign-on method.

    2. Select Next.

    3. Enter DigiCert​​®​​ account as the App name.

    4. Optional: Add a logo to the App logo field.

      Need a DigiCert logo?

  4. On the Configure SAML tab, complete the following fields:

    1. Paste the SSO URL that you copied in Step 1 into both of the following fields:

      1. Single sign-on URL

      2. Audience URI (SP Entity ID)

  5. In the Name ID Format field, select Email address.

  6. In the Application username field, select Email.

  7. Select Next.

  8. Select Finish.

  9. Create the Okta metadata file that you'll need to provide to DigiCert in Step 3:

    1. Select the Sign On tab > View SAML setup instructions.

    2. In the Optional section, copy the IdP metadata.

    3. Paste the IdP metadata into a notepad and save the file in .xml format.

  10. Leave this window open.

Step 3: Back in DigiCert account

Back in your DigiCert​​®​​ account tab, upload the Okta metadata that you created in Step 2 and enable SSO:

  1. In the Connect your IdP to DigiCert section, select Upload metadata.

  2. In the Enable/Disable SSO with SAML section, switch to enable SSO.

  3. Select Save configuration.

Step 4: Assign users to your SAML app

Ensure that all users in your DigiCert account are assigned to the SAML application in Okta Admin dashboard:

  1. Go to Applications > Applications.

  2. Select DigiCert account app you just created.

  3. Select the Assignments tab.

  4. Select Assign > Assign People.

  5. Next to the user's name, select Assign.

  6. Select Save and Go Back.

  7. Select Done.

Step 5: Test your SAML connection

Verify that you are able to sign in using your SAML application from Okta Admin dashboard:

  1. In the top right corner, select ∷ > My end user dashboard.

  2. Select the DigiCert account app that you just created.

    Tip

    • Your SAML app is configured correctly if you are redirected to DigiCert account and asked to complete two-factor authentication (2FA).

    • If you are not redirected to the 2FA page in DigiCert account, please compare your app settings to the instructions above or contact DigiCert support for assistance.

DigiCert logos

Use of DigiCert's logo must at all times comply with DigiCert brand guidelines, including the DigiCert Trademark Usage Guidelines available at https://www.digicert.com/legal-repository/ (as updated from time to time).

DigiCert_White_on_Blue_Logo.png
DigiCert_Blue_on_White_Logo.png

DigiCert logo's for SSO configuration.

: