SAML SSO Security Update: Identity Provider Certificate

Find a quick tutorial on how to update your SAML SSO credentials with your Identity Provider Certificate here.

Security and privacy remain a critical priority for the Knack team. We are preparing a feature release for December 10, 2024 that will increase the security strength of SAML integrations.

Due to this change, you will be required to update your SAML credentials in your active Knack apps with an Identity Provider's Certificate. 

What is an Identity Provider Certificate?

This certificate is a type of digital key that improves the security of your SAML login process. Specifically, it signs your SAML requests with RSA-SHA1 certificates which are used for validating responses from your identity provider.

How do I obtain an Identity Provider's Certificate?

The certificate must be obtained from your IdP (Identity Provider). Please review your Identity Provider’s documentation on how to create an “Identity Provider” certificate. 

Warning: If you do not create a certificate and update your applications by December 10th, 2024, your SAML integration will not function correctly.

How can I update my SAML SSO credentials?

To update your SAML SSO credentials with the certificate, you can follow these steps:

  • From an active app that utilizes SAML SSO, navigate to the Pages tab in the Builder.

  • Select the page with the login view that possesses SAML SSO credentials.

  • Click to edit the login view and select the "Settings" option.

  • Within the settings, you will find your pre-existing SAML SSO provider. Select the pen icon to the right to edit the credentials. 

  • From the Edit Credentials modal, you'll find the Identity Provider's certificate field input to update. 

Watch the video below to learn how to access your SSO provider's credentials.