Configure OIDC SSO

POST https://www.digicert.com/services/v2/sso/oidc/entity

Use this endpoint to set up single sign-on with your Identity Provider (IdP) using OpenID Connect (OIDC).

Prerequisites

Before using this endpoint, make sure you have access to and are familiar with your company's Identity Provider (IdP), such as PingOne or Okta. You need:

  • Permission to set up OIDC SSO for an application (CertCentral) in your IdP.

  • Access to the provider URL, client ID, and client secret for your OIDC service.

Example requests and responses

Request parameters

Each entry below gives the parameter name, whether it is required or optional, its type, and its description.

provider_url (required, string)
  URL for your Identity Provider (IdP). Get this value from your IdP service.

client_id (required, string)
  Client ID from your IdP that CertCentral can use to identify itself in requests to your OIDC service.

client_secret (required, string)
  Password from your IdP that CertCentral can use to authenticate requests to your OIDC service.

friendly_name (required, string)
  Custom SSO provider friendly name. If discoverable is true, this friendly name is visible to anyone who visits DigiCert's public SSO login pages.

scope_parameter (required, string)
  ID token claim attribute to match with the username.

  Allowed values:

  • email: Email

  • sub: Subject

  • preferred_username: Preferred username

  • username: Username

discoverable (optional, boolean)
  If true, your provider friendly name appears in the list of IdPs for anyone who visits DigiCert's public SSO pages.

  Default: false

Errors

Each entry below gives the HTTP status, the error code, and its description.

400 invalid_value|provider_url
  The provider URL is invalid. Make sure you have the correct provider URL and try again. You can get the provider URL for your OIDC service from your IdP.

400 friendly_name_exists_already
  The friendly name already exists. Choose a unique friendly name and try again.

400 invalid_value|scope_parameter
  The ID token claim attribute is invalid. Use one of these allowed values:

  • email

  • sub

  • preferred_username

  • username
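
The following is an added example, not DigiCert's own code: a pre-flight check that catches the two invalid_value errors listed above before the request is sent, then builds the POST without sending it. Assumptions not taken from this page: the JSON body, the X-DC-DEVKEY API key header, the HTTPS-only rule for provider_url, the local "missing:"/"not a boolean:" messages, and all sample values and environment variable names.

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

ENDPOINT = "https://www.digicert.com/services/v2/sso/oidc/entity"
ALLOWED_CLAIMS = {"email", "sub", "preferred_username", "username"}
REQUIRED = ("provider_url", "client_id", "client_secret",
            "friendly_name", "scope_parameter")


def validate(params):
    """Return locally detected problems; an empty list means OK to send."""
    problems = [f"missing: {name}" for name in REQUIRED if not params.get(name)]
    url = urlsplit(str(params.get("provider_url") or ""))
    # Local policy (assumption): an OIDC provider URL is HTTPS with a host.
    if params.get("provider_url") and (url.scheme != "https" or not url.hostname):
        problems.append("invalid_value|provider_url")
    claim = params.get("scope_parameter")
    if claim and claim not in ALLOWED_CLAIMS:
        problems.append("invalid_value|scope_parameter")
    if not isinstance(params.get("discoverable", False), bool):
        problems.append("not a boolean: discoverable")
    return problems


def build_request(params, api_key):
    """Build (but do not send) the POST request for the endpoint."""
    problems = validate(params)
    if problems:
        raise ValueError(", ".join(problems))
    body = {name: params[name] for name in REQUIRED}
    # Documented default is false: friendly_name stays off the public SSO pages.
    body["discoverable"] = params.get("discoverable", False)
    headers = {"Content-Type": "application/json", "X-DC-DEVKEY": api_key}
    return urllib.request.Request(
        ENDPOINT, data=json.dumps(body).encode(), method="POST", headers=headers)


if __name__ == "__main__":
    sample = {  # constructed sample values; secrets come from the environment
        "provider_url": "https://idp.example.com",
        "client_id": "certcentral-client",
        "client_secret": os.environ.get("OIDC_CLIENT_SECRET", "placeholder-secret"),
        "friendly_name": "Example Corp SSO",
        "scope_parameter": "email",
    }
    req = build_request(sample, os.environ.get("DIGICERT_API_KEY", "placeholder-key"))
    print(req.get_method(), req.full_url, sorted(json.loads(req.data)))
```

Pass the returned request to urllib.request.urlopen to send it. Keep client_secret and the API key in a secrets store or the environment rather than in source.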