Monitoring & Maintenance
Monitor SSO authentication activity and maintain your SSO configuration over time with proper certificate management and security practices.
Authentication Monitoring
Monitor SSO authentication through your identity provider’s built-in logging and monitoring tools.
SSO Health Monitoring
Regularly check the status of your SSO configuration:
Check Connection Status
Navigate to Settings > Single Sign-On to view the current status of your SSO connection.
Monitor IdP Activity
Use your identity provider’s monitoring tools to track authentication patterns and identify any issues.
Test Periodically
Run periodic connection tests to ensure your SSO configuration remains functional.
Updating SSO Configuration
Certificate Renewal
Note: Certificate renewal is only required for Custom SAML, Keycloak, and PingFederate configurations. Other identity providers handle certificate management automatically.
For applicable providers, certificates typically expire annually. To update certificates:
Get New Certificate
Download the new X.509 certificate from your identity provider before the current one expires.
Update Ravenna
In your SSO settings, replace the old certificate with the new one.
Test Configuration
Run a connection test to verify the new certificate is working correctly.
Modifying Domain Configuration
To add or remove domains from SSO authentication, you’ll need to contact Ravenna support:
- Contact support with your domain modification request
- Provide details about which domains you want to add or remove
- Verify domain ownership if adding new domains (support will guide you through this process)
- Notify affected users about authentication method changes once the update is complete
Security Best Practices
Regular Security Reviews
Certificate Management
Monitor certificate expiration dates and plan renewals in advance
Access Reviews
Regularly review SSO user access and remove inactive accounts
Configuration Audits
Periodically audit SSO settings and update as needed
Activity Monitoring
Use your IdP’s monitoring tools to track authentication patterns
Certificate Management Best Practices
- Set renewal reminders: Create calendar reminders 30-60 days before certificate expiration
- Test certificate updates: Always test in a non-production environment first
- Maintain certificate inventory: Keep track of which certificates are used for which configurations
- Backup certificates: Store certificate backups securely
Access Control Monitoring
- Regular user audits: Review user access quarterly or when organizational changes occur
- Monitor failed authentications: Track patterns in authentication failures
- Verify attribute mappings: Ensure user information is correctly synchronized
- Check group memberships: Validate that group-based access is working correctly
Related Documentation
- User Management - Managing SSO users and permissions
- Troubleshooting - Resolve common monitoring issues
- Setup Guide - Initial SSO configuration