Ensure uninterrupted Single Sign-On (SSO) access by updating your SAML X509 certificate in Workvivo when it expires or is rotated by your Identity Provider (IdP).
Keeping your certificate up to date helps avoid authentication failures and ensures users can continue signing in securely.
Using SAML Certificate Management
On Desktop
- Log in to Workvivo as a user with the IT Administrator role assigned
- Navigate to Admin > Admin Hub > Provisioning
- Select your Authentication and System Settings
How to update the certificate
- Locate the SAML X509 Certificate field
-
Ensure your new certificate is in the correct X509 format
- If needed, you may choose to validate and format the certificate using a third-party formatting tool: Format X.509 certificate
- Save a copy of the existing certificate before making changes
- Paste the new certificate into the SAML X509 Certificate field
- Click Submit
Additional Information
- Certificate updates typically do not require user action once saved
- We recommend performing updates outside peak user hours
- Always test the login after updating the certificate to confirm success. We recommend using a private or incognito browser window when testing
For Google SSO: Certificate changes can take up to 24 hours to fully take effect. During this time, users may continue to authenticate using cached settings. For more information, see Google’s documentation on SAML configuration updates.
Still having issues?
If you do not see SAML authentication options enabled in your environment, please contact Workvivo Support for assistance.