Important Update: New SAML EntityID and Certificate Expiration
We are implementing a transition to a new SAML EntityID and updated service URLs, coinciding with our 2025 certificate rollover. This change is designed to update our infrastructure while ensuring a smooth migration path for all users.
Our Approach: Parallel Support
To minimize disruption, we are introducing a new EntityID and fresh endpoints alongside the new certificate. We understand that some legacy systems may not be able to update immediately; therefore, the old EntityID will remain active with its existing configuration and will not receive the certificate update.
Key Configuration Changes
1. New Configuration (Recommended)
This track uses the new certificate and updated service endpoints. We recommend all Service Providers (SPs) migrate to this configuration to maintain long-term compatibility.
| Property | Deprecated Value | New Value (Update to this) |
| Metadata URL | .../meta-2016.xml | https://idp.ssocircle.com/meta.xml |
| EntityID / Issuer | http://idp.ssocircle.com | https://idp.ssocircle.com/saml |
| Certificate | cert-2016.txt | cert-idp.txt |
2. Legacy Configuration (No Action Required)
For Service Providers that cannot support the new certificate or EntityID change, the existing “Deprecated” configuration will remain available.
- Status: Stays as-is.
- Note: This configuration will still work after March 4, 2026, unless your Service Provider strictly enforces certificate expiration dates.
Detailed Manual Endpoint Map
For those performing a manual update, please note the change in the URL alias from /publicidp to /saml. This needs also be applied to all metaalias parameters in IDP initiated login/logout URLs.
| Service (HTTP-Redirect) | New Endpoint URL |
| Single Sign-On | https://idp.ssocircle.com:443/sso/SSORedirect/metaAlias/saml |
| Single Logout | https://idp.ssocircle.com:443/sso/IDPSloRedirect/metaAlias/saml |
| Artifact Resolution | https://idp.ssocircle.com:443/sso/ArtifactResolver/metaAlias/saml |
Summary of Impact
- New Integrations: Should use the New EntityID (
.../saml) and the new certificate immediately. - Existing Integrations: You can migrate to the new EntityID at your convenience. If your SP ignores certificate expiration, the legacy path will continue to function for the foreseeable future.
- Validation: The updated metadata at
https://idp.ssocircle.com/meta.xmlhas been valid since November 11, 2025.
We are announcing an update to our Public IDP configurations. To ensure uninterrupted service and maintain security standards, we have released updated metadata and certificates.
While the previous configuration remains valid, we recommend all Service Providers (SPs) update their settings from now on.
| Property | Deprecated IDP | New IDP |
| Issuer | http://idp.ssocircle.com |
https://idp.ssocircle.com/saml |
| SSO (HTTP-Redirect) | .../SSORedirect/metaAlias/publicidp |
.../SSORedirect/metaAlias/saml |
| SSO (HTTP-POST) | .../SSOPOST/metaAlias/publicidp |
.../SSOPOST/metaAlias/saml |
| Artifact Resolution | .../ArtifactResolver/metaAlias/publicidp |
.../ArtifactResolver/metaAlias/saml |
| SLO (HTTP-Redirect) | .../IDPSloRedirect/metaAlias/publicidp |
.../IDPSloRedirect/metaAlias/saml |
| SLO (HTTP-POST) | .../IDPSloPost/metaAlias/publicidp |
.../IDPSloPost/metaAlias/saml |
| Certificates | https://idp.ssocircle.com/cert-2016.txt |
https://idp.ssocircle.com/cert-idp.txt |
| IDP initiated SSO | https://idp.ssocircle.com/sso/idpssoinit?metaAlias=%2Fpublicidp&spEntityID=<YOUR SERVICE PROVIDER ENTITY ID> |
https://idp.ssocircle.com/sso/idpssoinit?metaAlias=%2Fsaml&spEntityID=<YOUR SERVICE PROVIDER ENTITY ID> |
If you have a specialized use case or require further assistance, please reach out to our support team.
