Applies to

Smartsheet
  • Enterprise

SAML: Replace an expired IdP certificate

When a security certificate is about to expire, your Smartsheet SAML configuration may become disabled. Smartsheet will automatically send an email to System Admins on the account at 45 days and five days prior to the certificate’s expiration date. To avoid service disruption, you’ll need to make sure that your Identity Provider (IdP) security certificates are valid and up to date.

PLANS

  • Smartsheet
  • Enterprise

Depending on your IdP, the certificate may be deactivated up to 30 days in advance.

Prerequisites

  • Before you can replace your expiring IdP certificate and complete the rollover process discussed in this article, you’ll need to have a new certificate generated from your IdP. 
  • If you’re using the same EntityID as another Smartsheet account, it’s possible you won’t see the edit option and you won't be able to edit the metadata. In this case, have the System Admin of the other Smartsheet account follow the steps in this article to update the metadata for everyone who is using it. If you need to know who the System Admin on the other account is, check with your IT team. If they can't help, contact Smartsheet Support.

To replace an expired IdP certificate

It may take up to 10 minutes for the update to take effect.

  1. Select Account > Account Admin > Security Controls​.
    security-controls
  2. In the Security Controls form, select Edit​ in the Authentication section.
  3. Select Edit Configuration. 
  4. In the SAML Administration ​form, select Edit​ on the IdP that is about to expire. 
  5. In the Edit IdP ​form, select the Edit​ button next to the IdP Metadata.​
    edit-metadata
  6. Update the metadata with your new security certificate information and select Save​.
Was this article helpful?
YesNo