Updating SSO Metadata
After you’ve enabled SSO in production, you might want to update the SSO metadata.
Reasons for updating the metadata include:
-
The identity provider or service provider certificate has expired.
-
The identity provider or provider key has been compromised.
-
The identity provider URL endpoints need to be updated.
If any of these reasons applies, then:
- Schedule an update of the SSO metadata in advance, because it requires an outage.
- Disable SSO using Disable SSO.
- Update the identity provider or service provider metadata as needed.
- Test the configuration, as described in Testing SSO.
- After testing shows that SSO is working correctly, reenable SSO by clicking Enable SSO as described in Enabling SSO.