RELATED IDEAS
Metadata_url for SAML should support fetching certificate information dynamically
In environments where certificates are rotated automatically every few months (Azure AD), the current strategy of fetching the metadata once and then saving it as manual settings will require refreshing it whenever the certificate is rotated.
Metadata_URL being set should cause a dynamic fetch at login time.
Metadata_URL being set should cause a dynamic fetch at login time.
-
ADMIN RESPONSEOct 11, 2019
Thanks for the idea!
We currently do not have plans to implement this request. We will continue to monitor for overall community feedback. We hope you can understand.
We recently had an issue with annual renewal of ADFS certificates which gave rise to fingerprint inconstencies.