CI IDP Details

Cross Identity certificate is the default certificate for CI IdP.

1. Navigate to Security > CI IDP Details. 

   

   If CI acts as an identity provider, the IDP SLO URL will be displayed in this tab. It is a tenant-specific URL and will change with every tenant. It's a custom logout URL for a SAML application. The hostname (tenant domain) will change, but the context remains unchanged.

2. Similarly, when CI is the identity provider during an SP-initiated SSO, the IDP SSO URL that received SP's authentication request will be displayed in this tab. The hostname (tenant domain) will change, but the context remains unchanged.

3. During SP-initiated SAML SSO, end-users can connect to the target application only if they are permitted via a role or a username (either "All users" or a specified role). The default certificate (XP default) will be displayed on the screen with the status 'ENABLED'.

4. Click Import Certificate. The Import Certificate screen appears. 

   

5. Enter the Label (mandatory field) and Description for the certificate.

6. Choose the files to be imported. The imported file should be in .PEM file format with public or private key pair (mandatory).

7. Click Import. The certificate will be displayed.

8. Toggle the status to Enable and click View Certificate to view the imported certificate.