Renewing SAML Certificates

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Overview

When Datadog rotates its SAML certificate, you need to update the certificate stored in your identity provider (IdP). Until you do this, your IdP may stop sending SAML assertions after it detects the old certificate has expired. This can prevent users from logging in.

Datadog automatically renews SAML certificates and notifies you before a certificate expires.

Renew certificates

  1. Sign in to Datadog as an organization administrator.
  2. Download the SAML metadata XML file.
  3. In the metadata file, find the X.509 certificate value used for your SAML configuration (encryption, signing, or both, depending on how your IdP is set up).
  4. In your IdP’s SAML application for Datadog, replace the existing certificate with the new certificate from the metadata file.
  5. Save the change.
  6. Verify the SSO login:
    1. Initiate a SAML login flow from your IdP or from the Datadog login page.
    2. Confirm that users can sign in with SSO.
If you manage multiple environments (for example, commercial and federal regions), repeat these steps for each Datadog SAML application in your IdP that uses a separate certificate.

Further reading

お役に立つドキュメント、リンクや記事:

Configuring Single Sign-On With SAMLDOCUMENTATION more more