Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update SAML-SSO.md #54392

Merged
merged 3 commits into from
Dec 23, 2024
Merged

Update SAML-SSO.md #54392

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
36fd3f6
Update SAML-SSO.md
michaelkwardrop Dec 19, 2024
399ed1a
Update SAML-SSO.md
michaelkwardrop Dec 20, 2024
3906fe4
Update SAML-SSO.md
michaelkwardrop Dec 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions docs/articles/expensify-classic/domains/SAML-SSO.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ Once the domain is verified, you can access the SSO settings by navigating to Se
**Below are instructions for setting up Expensify for specific SSO providers:**
- [Amazon Web Services (AWS SSO)](https://static.global.sso.amazonaws.com/app-202a715cb67cddd9/instructions/index.htm)
- [Google SAML](https://support.google.com/a/answer/7371682) (for GSuite, not Google SSO)
- [Microsoft Azure Active Directory](https://azure.microsoft.com/en-us/documentation/articles/active-directory-saas-expensify-tutorial/)
- [Microsoft Entra ID (formerly Azure Active Directory)](https://learn.microsoft.com/en-us/entra/identity/saas-apps/expensify-tutorial)
- [Okta](https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Expensify.html)
- [OneLogin](https://onelogin.service-now.com/support?id=kb_article&sys_id=e44c9e52db187410fe39dde7489619ba)
- [Oracle Identity Cloud Service](https://docs.oracle.com/en/cloud/paas/identity-cloud/idcsc/expensify.html#Expensify)
Expand All @@ -39,13 +39,13 @@ The entityID for Expensify is https://expensify.com. Remember not to copy and pa
## Can you have multiple domains with only one entity ID?
Yes. Please send a message to the Concierge or your account manager, and we will enable the use of the same entity ID with multiple domains.

## How can I update the Microsoft Azure SSO Certificate?
## How can I update the Microsoft Entra ID SSO Certificate?
Expensify's SAML configuration doesn't support multiple active certificates. This means that if you create the new certification ahead of time without first removing the old one, the respective IDP will include two unique x509 certificates instead of one, and the connection will break. Should you need to access Expensify, switching back to the old certificate will continue to allow access while that certificate is still valid.

**To transfer from one Microsoft Azure certificate to another, please follow the below steps:**
1. In Azure Directory, create your new certificate.
2. In Azure Director, remove the old, expiring certificate.
3. In Azure Directory, activate the remaining certificate and get a new IDP for Expensify from it.
**To transfer from one Microsoft Entra certificate to another, please follow the below steps:**
1. In Microsoft Entra, create your new certificate.
2. In Microsoft Entra, remove the old, expiring certificate.
3. In Microsoft Entra, activate the remaining certificate and get a new IDP for Expensify from it.
4. In Expensify, replace the previous IDP with the new IDP.
5. Log in via SSO. If login continues to fail, write to Concierge for assistance.

Expand Down
Loading