Authentication Monitoring

Monitor SSO authentication through your identity provider’s built-in logging and monitoring tools.

SSO Health Monitoring

Regularly check the status of your SSO configuration:
1

Check Connection Status

Navigate to Settings > Single Sign-On to view the current status of your SSO connection.
2

Monitor IdP Activity

Use your identity provider’s monitoring tools to track authentication patterns and identify any issues.
3

Test Periodically

Run periodic connection tests to ensure your SSO configuration remains functional.

Updating SSO Configuration

Certificate Renewal

Note: Certificate renewal is only required for Custom SAML, Keycloak, and PingFederate configurations. Other identity providers handle certificate management automatically.
For applicable providers, certificates typically expire annually. To update certificates:
1

Get New Certificate

Download the new X.509 certificate from your identity provider before the current one expires.
2

Update Ravenna

In your SSO settings, replace the old certificate with the new one.
3

Test Configuration

Run a connection test to verify the new certificate is working correctly.

Modifying Domain Configuration

To add or remove domains from SSO authentication, you’ll need to contact Ravenna support:
  1. Contact support with your domain modification request
  2. Provide details about which domains you want to add or remove
  3. Verify domain ownership if adding new domains (support will guide you through this process)
  4. Notify affected users about authentication method changes once the update is complete

Security Best Practices

Regular Security Reviews

Certificate Management

Monitor certificate expiration dates and plan renewals in advance

Access Reviews

Regularly review SSO user access and remove inactive accounts

Configuration Audits

Periodically audit SSO settings and update as needed

Activity Monitoring

Use your IdP’s monitoring tools to track authentication patterns

Certificate Management Best Practices

  • Set renewal reminders: Create calendar reminders 30-60 days before certificate expiration
  • Test certificate updates: Always test in a non-production environment first
  • Maintain certificate inventory: Keep track of which certificates are used for which configurations
  • Backup certificates: Store certificate backups securely

Access Control Monitoring

  • Regular user audits: Review user access quarterly or when organizational changes occur
  • Monitor failed authentications: Track patterns in authentication failures
  • Verify attribute mappings: Ensure user information is correctly synchronized
  • Check group memberships: Validate that group-based access is working correctly