As an Identity and Access Management (IAM) solution, one of the core authentication standards that we support is Security Access Markup Language (SAML). You can find out more about how SAML works on our IAM 101 SAML page. When configuring SAML, a trust relationship has to be established between the system that is doing the authentication.
A signing certificate is necessary to establish this trust relationship and is used by the IdP to confirm that the authentication requests are coming from the IdP and not an entity that is trying to trick their way in. Our customers often ask us about how to manage these signing certificates in terms of the best options to choose when creating them and how to handle renewing them when they expire. Since OneLogin can play both the role of an IdP and of an SP, we have summarized our recommendations for both scenarios. ...read more!
