Storing the IdP certificate in Workforce Management

The IdP certificate must be stored in the Sensitive Data Configuration maintenance form in Workforce Management. Only users who belong to the SYSTEM ADMINS security group can access this form.

  1. Select Maintenance > System Administration > Sensitive Data Configuration.
  2. Click Create New Entry.
  3. Specify this information to store the signing certificate:
    Configuration Type
      Select SAMLPUBLICCERT.
    Expiration Date
      Select the expiry date of the certificate. Use the same expiry date as the private key you created in Creating a private key and public certificate.
      Note: The SAML certificate expires in five years regardless of when the sensitive data expires.
    Protected Data
      Specify the certificate that you retrieved from your IdP. The certificate is used to verify the signature of any signed response that is received from the IdP.

      See Getting the signing certificate from the IdP.

  4. Click Save. The value in the Protected Data field is encrypted before being saved to the database. Protected data is always shown masked in the maintenance form.
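
A pre-storage check for the values entered in step 3, added here as an example and not part of the product documentation: it prints the certificate's notAfter date for the Expiration Date field and its SHA-256 fingerprint for comparison with the value your IdP displays, and rejects a file that does not hold exactly one certificate or that expires soon. It assumes the IdP certificate was exported as a PEM file and that the openssl CLI is installed; the function names and the 30-day threshold are illustrative.

```shell
#!/bin/sh
# Added example: checks to run on the IdP signing certificate before storing it.
# Assumption: the certificate is a PEM file; all names here are hypothetical.

# Print the notAfter date (the value for the Expiration Date field).
cert_not_after() {
    openssl x509 -in "$1" -noout -enddate | sed 's/^notAfter=//'
}

# Print the SHA-256 fingerprint, to compare with the one the IdP shows.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | sed 's/^.*=//'
}

# Succeed only if the file holds exactly one certificate, it parses as
# X.509, and it remains valid for at least $2 more days (default 30).
cert_ready_to_store() {
    file=$1
    min_days=${2:-30}
    [ -r "$file" ] || { echo "unreadable: $file" >&2; return 1; }
    count=$(grep -c -- '-----BEGIN CERTIFICATE-----' "$file" || true)
    [ "$count" -eq 1 ] || { echo "expected 1 certificate, found $count" >&2; return 1; }
    openssl x509 -in "$file" -noout 2>/dev/null ||
        { echo "not a valid X.509 certificate" >&2; return 1; }
    openssl x509 -in "$file" -noout -checkend $((min_days * 86400)) >/dev/null ||
        { echo "expires within $min_days days" >&2; return 1; }
}

# Constructed sample: a throwaway self-signed certificate that stands in
# for the IdP's, valid for $2 days. Not a real IdP certificate.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=constructed-idp.example" \
        -keyout "$1.key" -out "$1" 2>/dev/null
}

# When run with a file argument, report the values to enter in the form.
if [ -n "${1:-}" ]; then
    if cert_ready_to_store "$1"; then
        echo "Expiration Date: $(cert_not_after "$1")"
        echo "SHA-256 fingerprint: $(cert_fingerprint "$1")"
    fi
fi
```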