How to Configure SAML 2.0 for DigiCert


Supported Features

The Okta/DigiCert SAML integration currently supports the following features:

Configuration Steps

  1. Log in to DigiCert as an administrator.

  2. Navigate to SETTINGS > Single Sign-on.

  3. Click Edit Federation Settings:


  4. In the Federation Settings section, enter the following:

    • Under How will you send data from your IDP?:

      • Select Use a dynamic URL and enter the following metadata URL:

        Sign in to the Okta Admin dashboard to generate this value.

    • Under How will you identify a user?:

      • Select either NameID or Use a SAML attribute.

        If you select Use a SAML attribute, you must enter an email value.

        Note: The email attribute is mapped to the Email user field in Okta. Use the NameID option in the case of a custom DigiCert nameid value.

    • Federation Name: The federation name must be unique. We recommend that you use your company name.

    • Click Save and Finish.


  5. The Single Sign-on (SSO) page opens. Save the SP Initiated Custom SSO URL value. You will need this URL for the SP-initiated flow:


  6. Done!
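To confirm which option in step 4 matches what your IdP actually sends, the following added example (not Okta or DigiCert code) reads a decoded SAML assertion and returns the value each identification mode would key on. It assumes the attribute is named `email`, uses a constructed sample assertion, and only inspects the XML: it does not verify the signature.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML_NS}

# Constructed sample assertion (not captured from a real tenant).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>http://idp.example/constructed</saml:Issuer>
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">jdoe</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="email">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def user_identifier(assertion_xml, mode, attribute_name="email"):
    """Return the value used to identify the user, or None if it is absent.

    mode is "nameid" (Subject/NameID) or "attribute" (a named SAML attribute).
    attribute_name defaults to "email", an assumption based on step 4.
    """
    root = ET.fromstring(assertion_xml)
    # Accept a bare Assertion or one wrapped in a samlp:Response.
    if root.tag == "{%s}Assertion" % SAML_NS:
        assertion = root
    else:
        assertion = root.find(".//saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no saml:Assertion element found")
    if mode == "nameid":
        node = assertion.find("saml:Subject/saml:NameID", NS)
    elif mode == "attribute":
        node = None
        for attr in assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS):
            if attr.get("Name") == attribute_name:
                node = attr.find("saml:AttributeValue", NS)
                break
    else:
        raise ValueError("mode must be 'nameid' or 'attribute'")
    value = (node.text or "").strip() if node is not None else ""
    return value or None

def check_modes(assertion_xml):
    """Map each identification mode to the value found, or None if missing."""
    return {m: user_identifier(assertion_xml, m) for m in ("nameid", "attribute")}
```

A `None` for a mode means selecting that option would leave DigiCert with no identifier for the user in this assertion.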


The following SAML attribute is supported:

SP-initiated SSO

Open the SP Initiated Custom SSO URL (step 5).