Signing Certificate expiration report

hank.warner · December 6, 2022, 7:02pm

For enterprise SAML connections, we are receiving automated emails notifying us when a signing certificate will expire in 30 days. Is there a way to pull a list of these expiration dates for all of our SAML enterprise connections? The email alerts are beneficial, but we would like more insight into these expiration dates further out than 30 days without having to check them manually.

Here is an example of the email alert:

This is an automated message being sent because you've configured a SAMLP connection (**[CLIENT]**) in tenant **[TENANT]** with a signing certificate that will expire on **[DATE]**, or **[NUM_DAYS]** from now.
Users will not be able to log in from this connection once the certificate expires.

Thank you

david_wisecarver · December 6, 2022, 9:48pm

Hi @hank.warner,

I believe the best way to get this information would be from the GET /api/v2/connections endpoint of the Management API. If you include ?strategy=samlp you will get a list of all your SAML connections, and within the ‘options’ object you will see the expiration of each connection’s certificate.

Hope this helps!

Thanks,
Dave