QuickHelp's current signing certificate for Single Sign-On is expiring and we are replacing it with a new certificate. QuickHelp has new metadata that can be imported into your Identity Provider (IdP), and a change will need to be made in the QuickHelp Admin Portal. Please follow the steps below, in order, before December 6, 2018, to ensure continued QuickHelp Access.


If your IdP doesn't require or check a Service Provider's signing certificate, then you will not need to make any changes. If you are unsure, please reach out to your IT/Identity/SSO Team.


If your IdP is OKTA, no action is required.

If your IdP is Azure, no action is required.



WS-Fed (e.g. ADFS)


If your IdP automatically updates a Service Provider's metadata, then you will not need to make any changes.


IdP Configuration

  1. Update the existing BrainStorm configuration with the following metadata: https://quickhelp.blob.core.windows.net/metadata/QuickHelpWSFederationMetadata.xml
    NOTE: Depending on your IdP, you may simply replace the existing metadata file and let the IdP extract the information. Or you may need to extract the information first and replace the respective configurations in your IdP.



SAML 2.0 (e.g. Ping Federate)


QuickHelp Configuration

  1. Login to the QuickHelp Admin portal using your QuickHelp administrator account.
  2. Click Settings.
  3. Click Authentication Settings.
  4. Click on your Identity Provider Display Name.
  5. Locate the Signing Certificate pulldown menu in Miscellaneous and choose .quickhelp.com 2019.
  6. Click Save Changes.


THEN


IdP Configuration

  1. Update the existing BrainStorm configuration with the following metadata: https://quickhelp.blob.core.windows.net/metadata/QuickhelpSamlMetadataQHCert.xml
    NOTE: Depending on your IdP, you may simply replace the existing metadata file and let the IdP extract the certificate. Or you may need to extract the certificate first and replace the respective configurations in your IdP.