SAML Certificate Update

Increased authentication security

Firstbird by default signs all requests sent to your identity provider with our private key. The certificate we provide can be used by your identity provider to validate the requests received for increased security.

If you are using our certificate to validate our requests or to encrypt your responses, you must make sure that the certificate is updated with your identity provider.

Automatic Certificate Rollover

The new certificate has already been made available via the metadata url which will allow your IT department to prepare for an automatic rollover.

If your identity provider supports the automatic rollover of certificates, your IT department will be able to maintain the old certificate as well as the new one. Your identity provider will then automatically switch to the new certificate on the expiration date with no service interruptions.

Manual Certificate Update

If your identity provider doesn't support an automatic rollover, you will need to change your configuration at the same time as Firstbird starts to sign requests using the new certificate!

This will be on

22.03.2021 8AM CET


If you fail to update the configuration on your end at this time, your users might not be able to login via SSO anymore!

Location of the Metadata URL

The metadata url can be found under Account Preferences → Authentication → SSO → Single Sign-On → Single Sign-On Configuration. Click on “Expand” to open up the details of the SSO configuration. Here you will find the METADATA URL.

The url contains the current and new certificate. Please copy the URL and forward it to the person or department responsible for managing your identity provider. You can find the instructions also in our Help Center.

SAML Certificate Update


For further questions or troubleshooting, you can contact

You message was sent
We'll get in touch with you soon