Topic

Updating Organization-Level SSO Metadata in Everbridge Member Portal

Description

Organizations within the same Everbridge account can maintain separate Single Sign-On (SSO) configurations for the Member Portal. Each organization supports a single metadata file, allowing independent configuration rather than a shared account-level metadata file.

When an identity provider (IdP) issues a metadata update, the notification typically includes certificate expiration details, effective date and time of the update, a metadata file location (often a URL), implementation steps, and potential service impact if not applied.

This article outlines the process to update or replace the SSO metadata file at the organization level within the Everbridge Member Portal. Follow the applicable procedure depending on whether only the metadata file is being updated or a full reconfiguration is required.

Preparation

Notify impacted users of the planned SSO update, including timing and any expected access impact.

Ensure that break glass access is configured prior to making changes. This allows continued platform access if SSO is temporarily unavailable. For additional information, see this knowledge article: EBS: Single Sign-On (SSO) Break Glass Access in Everbridge Suite.

Backup Existing Configuration

1. Select the appropriate organization from the Manager Portal.
2. Navigate to Settings.
3. Select Security.
4. Select Single Sign-On for Member Portal.
5. Capture the existing configuration details for reference.
6. Select Download to save the current metadata file.

Update Identity Provider Metadata File Only

1. Access the Manager Portal with organization administrator permissions.
2. Navigate to Settings.
3. Select Security.
4. Select Single Sign-On for Member Portal.
5. Select the Edit icon next to the current metadata file.
6. Choose the new metadata XML file obtained from the IdP.
7. Select Open.
8. Select Save.
9. Proceed to validation of the SSO configuration.

Full Reconfiguration of Member Portal SSO

1. Access the Manager Portal with account administrator permissions.
2. Navigate to Settings.
3. Select Security.
4. Select Single Sign-On for Member Portal.
5. Select Remove to clear the existing configuration.
6. Enter the SSO Name based on the backup.
7. Enter the API Name, ensuring it matches the Entity ID and ACS values exactly.
8. Upload the Identity Provider Metadata file.
9. Select the appropriate Security Hash Algorithm.
10. Select Save.
11. Optional: Enable Mobile App access and enter the corresponding key phrase.
12. Select Save again to generate the Everbridge metadata download option.

Validate SSO Configuration

Conduct validation by initiating login attempts through SSO.

If authentication fails:

1. Capture error messages and screenshots.
2. Restore the previous configuration using the saved backup and metadata file.
3. Coordinate with the identity provider administrator to review configuration details.
4. Open a case with Everbridge Technical Support and include:
   1. Error message
   2. Impacted user
   3. Username used
   4. Date and time of attempt

Download Metadata for Record Retention

After successful configuration, download the updated metadata file for record retention.

1. Access the Manager Portal with account administrator permissions.
2. Navigate to Settings.
3. Select Security.
4. Select Single Sign-On for Manager Portal.
5. Select Download to save the metadata XML file.

Maintaining accurate records of SSO configurations supports auditability and simplifies future updates.

Related Articles

EBS: Troubleshooting Single Sign-On (SSO) in Everbridge Suite
EBS: Troubleshooting & Configuration Guide for Single Sign-On (SSO) - Main Page