Connect to Digicert through Access (SAML)
This guide covers how to configure Digicert as a SAML application in Cloudflare Zero Trust.
Prerequisites
- A SAML identity provider configured in Cloudflare Zero Trust
- Admin access to a Digicert account
- SAML enabled in your Digicert account
1. Add a SaaS application to Cloudflare Zero Trust
- In Zero Trust, go to Access > Applications.
- Select Add an application > SaaS > Select.
- For Application, type Digicert and select the textbox that appears below.
- For the authentication protocol, select SAML.
- Select Add application.
- Fill in the following fields:
  - Entity ID: https://www.digicert.com/account/sso/metadata
  - Assertion Consumer Service URL: https://www.digicert.com/account/sso/
  - Name ID format: Email
- Copy the SAML Metadata endpoint.
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
2. Add a SAML SSO provider in Digicert
- In Digicert, select Settings > Single Sign-On > Set up SAML.
- Under How will you send data from your IDP?, turn on Use a dynamic URL.
- Under Use a dynamic URL, paste the SAML Metadata endpoint from the application configuration in Cloudflare Zero Trust.
- Under How will you identify a user?, turn on NameID.
- Under Federation Name, enter a name (for example, Cloudflare Access). Your users will select this name when signing in.
- Select Save SAML Settings.
3. Test and Enable SSO in Digicert
- In Digicert, select Settings > Single Sign-On.
- Copy the SP Initiated Custom SSO URL.
- Paste the URL into an incognito browser window and sign in. Upon successful sign in, SAML SSO is fully enabled.
- (Optional) By default, users can choose to sign in directly or with SSO. To require SSO sign in, go to Account > Users. Turn on Only allow this user to log in through SAML/OIDC SSO in the user details of the desired user.