You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/programs/single-sign-on-sso-via-saml.md
+12-10Lines changed: 12 additions & 10 deletions
Original file line number
Diff line number
Diff line change
@@ -96,27 +96,29 @@ When the primary certificate isn't used anymore, you can promote the alternative
96
96
97
97
### Changing Identity Providers
98
98
99
-
If you need to change your identity provider at any time, to provide a more seamless self-service configuration, you can follow these steps:
99
+
If you need to change your identity provider at any time, to provide a more seamless self-service configuration, you can follow these steps:
100
+
101
+
1. Copy this information from your prior identity provider configuration:
100
102
101
-
1. Copy this information from your prior identity provider configuration:
102
-
103
103
Field | Details
104
104
------ | ------
105
105
Domain | The domain for users that was required to use SAML authentication.
106
106
Single Sign On URL | The URL from your SAML provider to initiate a single sign-on attempt, sometimes called the login URL.
107
107
X509 Certificate | The certificate from your SAML provider to verify the single sign-on response.
108
-
109
-
2. Preconfigure your new identity provider on your provider's site with information from HackerOne. Depending on your provider, you may need HackerOne's metadata endpoint and ACS URL. You can find that along with other helpful information [here](sso-faqs.html).
110
-
* If you're using [Google](google-sso-saml-setup.html), [Okta](okta-sso-saml-setup.html), or [OneLogin](onelogin-sso-saml-setup.html), you can use the resources on our docs site for configuring those identity providers (more links are at the top of this page).
111
-
108
+
109
+
2. Preconfigure your new identity provider on your provider's site with information from HackerOne. Depending on your provider, you may need HackerOne's metadata endpoint and ACS URL. You can find that along with other helpful information [here](sso-faqs.html).
110
+
* If you're using [Google](google-sso-saml-setup.html), [Okta](okta-sso-saml-setup.html), or [OneLogin](onelogin-sso-saml-setup.html), you can use the resources on our docs site for configuring those identity providers (more links are at the top of this page).
111
+
112
112
3. Go to **Program Settings > General > Authentication** in HackerOne.
113
+
113
114
> **Note:** Steps 4 - 7 will make your SAML authentications temporarily unavailable. Be sure to communicate this to your program members as needed.
114
-
4. Disable your current configuration by clicking **Yes, disable SAML**.
115
+
116
+
4. Disable your current configuration by clicking **Yes, disable SAML**.
115
117
5. Uncheck the check box for **Send password reset emails to affected users."
6. Re-configure your SAML configuration with the new identity provider information by following steps 1-12 [here](single-sign-on-sso-via-saml.html#set-up).
118
120
7. Make sure the checkbox for *Notify existing users that SAML is enabled** is unchecked when the **Enable SAML** window pops up.
0 commit comments