Skip to main content

Stage or immediately rotate IdP certificate

POST 

/client/sso/config/rotate-cert

Stage a new IdP certificate for dual-cert acceptance window (rotate_now=false, default), or immediately promote it to primary (rotate_now=true). During the staging window both idp_x509_cert and idp_x509_cert_next are accepted for SAML signature validation, allowing zero-downtime IdP certificate rotation.

Request

Responses

Successful Response