Replacing and Updating Your SAML Certificate Ingrid The Bitsight SAML configuration can be updated without disabling SAML. Refer to the following instructions for replacing the SSO certificate in the Bitsight platform with any current SAML configuration: Prerequisites Updating Your SAML Configuration Updating Your SAML Configuration with Metadata Updating Your SAML Configuration with Copy/Paste Prerequisites You need either the new certificate or XML data as provided by your identity provider. You must have admin privileges to access the company SAML settings. See permissions. Updating Your SAML Configuration Now that you are in the SAML configuration you can live update the metadata or certificate without having to de-federate the instance. There are two ways to update the certificate in the Bitsight platform. The first way to update is by uploading the new XML file provided by your IDP or copy and pasting the new certificate into the existing configuration. Below are the steps for both options. CAUTION: Before making any changes we recommend saving the existing metadata on your account. You can do this by copy and pasting the existing XML metadata from the Bitsight platform into a .txt document or save as an .xml file. Updating Your SAML Configuration with Metadata If you decide to replace the entire metadata file this section will explain the steps to proceed. This process will require you to obtain the new XML file from your identity provider for upload into the Bitsight platform. Select Open File in the SAML page [ Settings ➔ SAML]. Select the XML file provided to you by your identity provider stored in your local computer. This replaces the existing XML data. Select Update at the bottom of the SAML page. This updates the metadata and new certificate in the Bitsight platform. If this is successfully updated, there is no need to proceed any further. The certificate update is now complete. You may test logging into the Bitsight platform. Updating Your SAML Configuration with Copy/Paste Skip this if you already updated your SAML configuration with metadata and replaced the XML file. Your update is already complete. Identify the existing certificate within the Metadata field in the SAML page [ Settings ➔ SAML]. It starts with <ds:X509Certificate> and ends in </ds:X509Certificate>. Paste the new certificate between the <ds:X509Certificate> and </ds:X509Certificate> tags. Select Update at the bottom of the SAML page. Related articles SAML Setup SAML Microsoft Entra ID (Azure AD) Integration Guide Integrating Bitsight with ADFS Certificate Authorities Feedback 0 comments Please sign in to leave a comment.