How to Update SAML Configuration on iObeya When the IdP Certificate Changes

Context:

As an administrator of the iObeya platform, you may receive a notification from the Identity Provider (IdP) team informing you of a certificate change on their end. This article outlines the steps to update the SAML configuration with the new certificate.

Actions to Take:

1. Request the IdP team to provide you with the public URL of the metadata XML file or, if the URL is not available, the new metadata XML file.
2. Log in to the iObeya administration interface using an account with platform administrator rights.
3. Navigate to the SAML configuration by selecting the "Configuration" menu, then choosing "Authentication Policies".
4. Enable the default policy, ensuring that you have a local iObeya user with platform administrator rights to avoid getting locked out. Make note of the provided rollback URL, as it allows you to revert to the current policy if needed.
5. Edit the policy containing the SAML mechanism by selecting the appropriate option.
6. Within the SAML mechanism, in the "Configuration" section, enter either the public URL of the metadata XML file or import the new metadata XML file provided by the IdP team.
   
   Note: It is recommended to use the public URL instead of the file, as the URL remains valid during IdP certificate changes. This will save you from having to perform this procedure during the next certificate change.
7. Save the changes made to the SAML configuration.

Once these steps are completed, the SAML configuration will be updated with the new IdP certificate. Users will be able to continue accessing iObeya using SAML authentication without interruption.

If you encounter any difficulties during this process or have additional questions, please feel free to contact our support team at support@iobeya.com.