<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009c505mCAAOkta Classic EngineSingle Sign-OnAnswered2024-10-02T09:00:14.000Z2023-09-01T20:35:09.000Z2023-10-18T15:27:18.000Z

zcity (zcity) asked a question.

September 1, 2023 at 8:35 PM
Does Okta offer automated rotation of the SP signing certificate?

I've noticed that other IdPs, such as PingFederate and Azure AD, offer the capability to maintain a list of SP certificates for verifying the signature of SAML requests. However, it appears that Okta currently supports only one signature certificate at a time. Consequently, to replace an expiring signature certificate, Okta requires a manual rotation process, which inherently carries a higher risk of causing downtime. Can someone please verify if this is accurate? Additionally, is there any intention to implement automated rotation in the future?

  • 1 answer
  • 987 views

  • User16594883467582706479 (Customer Support Online Experience)

    Hi, @zcity (zcity)​ 

     

    Thank you for posting on our Community page!

     

    Okta does not currently support this feature.

    You can suggest this on the Okta Community page by going to the Community→ Ideas tab. Features suggested in our community are reviewed and can be voted and commented on by other members of the community, therefore making it much easier for the engineering team to understand the priorities that you have for feature requests.

     

    Thank you for reaching out to our Community and have a great day!

    _____________________________________________________________________________

    Community members help others by clicking Like or Select as Best on responses. Try it today.

    _____________________________________________________________________________

    Expand Post
    Selected as Best

  • User16594883467582706479 (Customer Support Online Experience)

    Hi, @zcity (zcity)​ 

     

    Thank you for posting on our Community page!

     

    Okta does not currently support this feature.

    You can suggest this on the Okta Community page by going to the Community→ Ideas tab. Features suggested in our community are reviewed and can be voted and commented on by other members of the community, therefore making it much easier for the engineering team to understand the priorities that you have for feature requests.

     

    Thank you for reaching out to our Community and have a great day!

    _____________________________________________________________________________

    Community members help others by clicking Like or Select as Best on responses. Try it today.

    _____________________________________________________________________________

    Expand Post
    Selected as Best
This question is closed.
Loading
Does Okta offer automated rotation of the SP signing certificate?