SAML 2.0 Certificates

Warning: If you configured your SAML connection to provide metadata using a URL, update the certificate on your IdP and make sure that the metadata URL doesn't change. This ensures that Blackbaud can receive the update automatically. If the metadata URL does change, your users won't be able to sign in to access your Blackbaud solutions. To fix this, you'll need to update the metadata URL in your SSO configuration.

1. In Security, select Authentication.

2. Under Single sign-on, select Manage SSO settings.

3. In a separate browser tab, download a new certificate from your SAML IdP.

   The steps vary by IdP, and here are some examples:

   • For Google Workflow, sign in to your Google Workflow admin console with an administrator account, select the SAML app used with your members' Blackbaud IDs, and then select Download under Certificate.

   • For JumpCloud, generate the certificate and then sign in to your JumpCloud administrative console with an administrator account, select Applications and the SAML app used with your members' Blackbaud IDs, and then select Upload IdP certificate.

     Note: For information about how to generate the certificate for JumpCloud, see JumpCloud SAML Configuration Notes.

   • For OneLogin, sign in to your OneLogin administrator dashboard with an administrator account, select the SAML connection used with your members' Blackbaud IDs, and then, under SSO, select View details under the X.509 certificate field, and then Download.

4. Return to Blackbaud's Single sign-on page to upload the certificate.

   1. Select Upload new certificate.

   2. Select Choose file, then browse to and select the new Personal Information Exchange (.pfx) file for your SAML 2.0 connection.

   3. Select Save.