Updating Your SSO Certificate

Before You Get Started

  • Before you attempt to update your SSO Certificate, please enable our standard Brightidea Login to ensure that you are not locked out of your Brightidea site!
  • We strongly recommend downloading the existing certificate as a backup incase it needs to be re-uploaded, e.g. if the new certificate doesn't work or is not live yet. 
  • Please also note the date when your SSO certificate is set to expire or you will be locked out of your Brightidea site in the event it expires and Brightidea Login is not enabled. 

Getting Started

  • To update the SSO certificate for your Brightidea site, please navigate to the "Authentication" tab in Enterprise setup and find the associated SSO profile.
  • As a first step, remove the existing certificate by clicking the "x" icon. Then click "Save Changes" and refresh the page.
    • Screenshot_2023-02-16_at_8.51.43_AM.png

Re-upload Metadata

  • You can re-upload meta data in order to update your SSO Certificate 
    • This field expects certificate used for signature verification in a SAML Response. It can be auto-populated through Metadata upload.


Re-Upload Public Key

  • If you do not want to re-upload the entire Metadata you can directly re-upload your public key which will update your SSO certificate.  


  • Make sure to "Save Changes" and test the SSO connection to ensure it works properly with the new certificate. 
    • Also, after uploading the new certificate, please ensure the 'Site authentication' setting under 'Configure Advanced Settings' is still set correctly based on your SSO requirements.
  • Only after ensuring SSO works without issues, you can disable the standard Brightidea login option that was enabled above. 
  • For more information on our SSO configuration, please see our complete SSO feature guide here!



Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request