How to renew your SAML/SSO certificate?
When you try to log in in TrendMiner but you see the following message on the login page: "Invalid signature in response from identity provider" it is likely that your SAML/SSO certificate is expired.
You can verify this by checking the certificate expiration date in ConfigHub -> Certificates.
To renew the certificate, download a new certificate and federation data xml file from your SAML provider and upload it in TrendMiner. The following procedure documents this in detail for Entra ID (Microsoft Azure):
Download the Base64 certificate and Federation Metadata XML file from Azure
Open ConfigHub - Certificates and upload the Certificate under Trusted Certificates
Restart the tm-keycloak service in ConfigHub/Edge Manager -> Services for the certificate to show up
In ConfigHub, go to Identity Providers and click on your SAML IdP. Click on options and edit the connection, browse files and upload the new metadata here and hit save
Right click options again, and download the metadata file from TrendMiner
Upload the TrendMiner metadata in Azure
Restart the tm-keycloak service in ConfigHub/Edge Manager