Single Sign-On (SSO) Renewal

Prerequisites: Ensure you have administrative access to Casebook and the credentials for the SSO provider.

When SSO is set up with a Metadata URL, a new certificate will automatically replace the old one upon expiration. The rollover process is managed within the customer's SSO provider configuration. Some SSO providers, like Google, do not offer a URL but provide the metadata file for download. This file can be uploaded into Casebook using the provided link in the screenshot.


image (11)

When a certificate expires, the SSO configuration in Casebook has to be deleted and re-added using a fresh metadata file from the SSO provider containing the new certificate.

Metadata URL Configuration:

Automatic Certificate Rollover:

  • When SSO is configured using a Metadata URL, the rollover process is handled entirely within the customer's SSO provider configuration.
  • A new certificate is seamlessly implemented once the old one expires.
  • Casebook automatically picks up the new certificate once the old certificate expires.

Metadata File Configuration:

  1. Providers like Google:

    • Certain SSO providers, such as Google, do not offer a Metadata URL but provide a metadata file for download.
  2. Certificate Expiry Handling:

    • In scenarios where a certificate expires for file-based configurations, Casebook requires manual intervention.
    • The SSO configuration in Casebook must be deleted and re-added using a fresh metadata file obtained from the SSO provider.
  3. Uploading New Certificates:

    • Users need to download the updated metadata file from the SSO provider.

Having a clear understanding of certificate rollover and renewal is essential to ensure a secure and seamless SSO experience in Casebook. Whether you are using Metadata URLs for automatic certificate rollover or dealing with file-based configurations that require manual intervention, this guide equips administrators with the necessary information to effectively manage SSO certificates on the platform.