Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Renew your SAML certificate

September 13, 2022

SAML uses X.509 certificates to ensure the authenticity and integrity of information shared between your identity provider and your directory.

A SAML certificate is only valid for a period of time. You specify the lifespan of your SAML certificate in your identity provider. We notify you 30 days before your certificate expires and then after your certificate expires.

To renew your SAML certificate, check the renewal instructions in the support documents of your identity provider. Then you can add the certificate to your SAML configuration.

Add the renewed certificate to your SAML configuration

  1. From your organization at admin.atlassian.com, select Security > Identity providers.

  2. Select identity provider Directory.

  3. Select View SAML single sign-on.

  4. Select Edit SAML single sign-on.

  5. Add renewed SAML Public x509 Certificate.

  6. Save SAML configuration.

Learn more about SAML single sign-on

Comment
Watch
Like # people like this
20826 views

3 comments

Richard Blundell
Richard Blundell
Contributor
January 15, 2025

Hi, We've used SAML SSO for years with Jira.  Our SSO certificate is due to expire shortly so I need to update it with a new one.  Following the instructions above I cannot even find where our existing SAML SSO certificate is registered/set in the Atlassian account.  It just says something about "Atlassian Guard".  I don't want to have to buy any additional products or licences just to update our single existing certificate.  I just need to update the certificate and I don't need to change anything else.  How can I do this?  Note that I don't see an identity provider in the list named "Directory", but I suspect that is not what you meant in your instructions, above ("2. Select identity provider Directory").

Like # people like this
reuben_hollifield
reuben_hollifield
Contributor
January 31, 2025

Hi @Richard Blundell

I followed the process above and was able to renew our SSO certificate, however, the terminology looked a little different.  Just to note, I am a Jira Admin and Organization Admin and we also have Atlassian Guard.  I don't think you have to have Atlassian Guard to have SSO, so it seems like this should be available for you if you are an Org Admin.  Here are the steps I took: 

  • Login to your organization at https://admin.atlassian.com/ 
  • Select the Security tab
  • Click on your identity provider (Azure, etc). 
  • You should then see a figure of how many synced users and groups you have for that provider. 
  • Click on View SAML configuration
  • Paste your new certificate into the Public x509 certificate section.  (I used the "Paste as plain text" option which seemed to work best here)
  • Click Save 

That worked for us and I hope this works for you! 

Like Richard Blundell likes this
Richard Blundell
Richard Blundell
Contributor
February 3, 2025

Thank you, @reuben_hollifield, I'll try that when I look at this next!

Like reuben_hollifield likes this

Comment

Log in or Sign up to comment
Sophie Jasson-Holt

Sophie Jasson-Holt

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

Senior Content Designer

Atlassian

3 total posts

View profile
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events