Does Dropbox SAML SSO support IdP self-signed certificates?

Question

Hello everyone,I'm integrating Dropbox (as the Service Provider) with our internal IdP using SAML SSO and would like to confirm a few things:Does Dropbox support using a self-signed certificate on the IdP side for signing SAML Assertions or for the certificate uploaded in metadata?If self-signed certificates are supported, what operational or validation considerations should we be aware of? If not supported, what alternatives do you recommend?

Dell_Dropbox · Accepted Answer

Thanks for your patience Ziv​&nbsp;
Dropbox SAML SSO does support IdP self signed x.509 certificates. As long as the certificate is provided in standard PEM format and included in your IdP metadata, Dropbox can use it to validate signed SAML assertions.
If you use a self signed certificate, just be sure it is kept up to date and that your team has a process for rotating it before expiration. There is no requirement for the certificate to come from a public certificate authority.
You can find more details about configuring SSO with Dropbox here: https://help.dropbox.com/security/sso-admin
&nbsp;

Forum Discussion

Does Dropbox SAML SSO support IdP self-signed certificates?

2 Replies

About Security and Permissions

Related Content

Root certificate changes

Linux Dropbox Certificate error

Dropbox API Certificate Problem

Change of Certification

ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)

Recent Discussions

Someone accessed my Dropbox account and all my files are gone

Personal files not available since Dropbox team was 'disbanded'

I've accidentally joined a Dropbox team, thinking it was a client sharing a file

I can't find my linked devices on my account

How can I remove permissions for a single user from a specific folder?