Renewing SAML Certificates

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Overview

When Datadog rotates its SAML certificate, you need to update the certificate stored in your identity provider (IdP). Until you do this, your IdP may stop sending SAML assertions after it detects the old certificate has expired. This can prevent users from logging in.

Datadog automatically renews SAML certificates and notifies you before a certificate expires.

Renew certificates

  1. Sign in to Datadog as an organization administrator.
  2. Download the SAML metadata XML file.
  3. In the metadata file, find the X.509 certificate value used for your SAML configuration (encryption, signing, or both, depending on how your IdP is set up).
  4. In your IdP’s SAML application for Datadog, replace the existing certificate with the new certificate from the metadata file.
  5. Save the change.
  6. Verify the SSO login:
    1. Initiate a SAML login flow from your IdP or from the Datadog login page.
    2. Confirm that users can sign in with SSO.
If you manage multiple environments (for example, commercial and federal regions), repeat these steps for each Datadog SAML application in your IdP that uses a separate certificate.

Further reading

Documentation, liens et articles supplémentaires utiles:

Configuring Single Sign-On With SAMLDOCUMENTATION more more