<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Updating vs Cloning Key Credential for Outbound SAML Apps
Aug 6, 2025
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

This article explains the difference between updating key credential and cloning key credential for outbound Security Assertion Markup Language (SAML) apps and why updating the key credentials is necessary after cloning.

Applies To
  • Outbound Security Assertion Markup Language (SAML) Appliations
Solution

  • Updating the key credential

Updating the key credential for outbound SAML apps refers to updating the key that the application is configured to use. This key points to the certificate it should use and activates the certificate. To update the key credential, follow the steps outlined in this article: Update the key credential.

 

  • Cloning the key credential

Cloning the key credential makes the certificate available to the application, but does not activate it. To clone the key credential, follow the steps outlined in this article: How to Share/Clone a Certificate Between Two Okta SAML Applications Using Postman.

 

    • Updating the key credential after cloning

After cloning the key credential, it is necessary to update the key credential for the target application to activate the certificate. To update the key credential, follow the steps outlined in "Updating the key credential" above.

Recommended content

Still looking for help?
Loading
Updating vs Cloning Key Credential for Outbound SAML Apps