If your organization uses Single Sign-On (SSO) with SAML, the signing certificate in your Identity Provider (IdP) will eventually expire and must be renewed.
Updating the certificate before it expires ensures that users can continue signing in to Employee Surveys without interruption.
Instructions:
- Sign in to Employee Surveys as an administrator.
- Navigate to Account → User Management.
- Verify that the authentication method is Enterprise Sign-on (SAML).
- Upload the newly downloaded IdP Metadata XML.
- Save your changes.

Employee Surveys uses the metadata file to update the Identity Provider certificate and SAML configuration.
FAQ
How often do SSO certificates need to be renewed?
The validity period depends on your Identity Provider and your organization's security policies. Many providers issue certificates that are valid for several years.
Will users notice the certificate update?
No. If the update is completed before the existing certificate expires and the configuration is correct, users should continue signing in normally.
What happens if the certificate expires before it is updated?
Users authenticating through SSO will no longer be able to sign in until the new certificate has been uploaded and the SAML configuration has been updated. Read how to bypass the SSO login to update the certificate.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article