Retrieve SAML metadata and certificates from the Settings page for single sign-on capabilities with SaaS applications.

1. Navigate to Resources > Apps > SaaS and select Settings.
2. Select SAML Metadata > Download SAML Metadata and complete the tasks.

   Setting	Description
   SAML Metadata	Copy and save the Identity Provider metadata and the Service Provider metadata. Select the links and open a browser instance with the XML data. Configure your third-party identity provider with this information.
   Signing Certificate	Copy the signing certificate that includes all the code in the text area. You can also download the certificate to save it as a TXT file.

3. Select Generate CSR and complete the tasks for requesting a digital identity certificate (SSL certificate) from your certificate authority.
   This request identifies your company, domain name, and public key. The third-party certificate authority uses it for issuing the SSL certificate. To update the metadata, upload the signed certificate.

   Setting - New Certificate	Description
   Common Name	Enter the fully qualified domain name for the organization's server.
   Organization	Enter the name of the company that is legally registered.
   Department	Enter the department in your company that the certificate references.
   City	Enter the city where the organization is legally located.
   State / Province	Enter the state or province where the organization legally resides.
   Country	Enter the legal country of residence for the organization.
   Key Generation Algorithm	Select an algorithm used to sign the CSR.
   Key Size	Select the number of bits used in the key. Select 2048 or larger. RSA key sizes smaller than 2048 are considered insecure.

   Setting - Replace a Certificate	Setting
   Upload SSL Certificate	Upload the SSL certificate received from your third-party certificate authority.
   Certificate Signing Request	Download the certificate signing request (CSR). Send the CSR to the third-party certificate authority.