Please forward this email to your IT department.

Attention customers using single sign-on (SSO):

This is a final reminder that the Identity Provider (DIDP) Proxy certificate used to validate single sign-on (SSO) requests and confirm user identity for your UKG Pro Workforce Management™ (WFM) environment will expire on Monday, February 24, 2025. The new certificate is now available for use.

Action required! Failure to add the DIDP Proxy certificate by February 23 could lead to connection issues. There are various SSO management types, and your organization should fall into one of the following four categories:

• If your SSO operates only with up-to-date public certificates and updates are automatic, your DIDP Proxy SSO certificate will be automatically added when we update the certificate. Please have your IT team confirm the updated certificate is in place as expected.
• If your SSO operates only with up-to-date public certificates that require manual updating, access the DIDP Proxy SSO Certificate and forward it to your IT department so they can update your SSO settings prior to February 23.
• If your organization operates with a single public certificate, please open a case in the UKG Community™ with the subject line “Assistance Required to Accept New DIDP Proxy SSO Certificate.” Our teams will then work with you to select a date for the DIDP Proxy SSO Certificate to be configured.
• If your SSO does not require a current public certificate to operate, no action is required on your part. UKG still recommends accessing the DIDP Proxy SSO Certificate and manually adding it by February 23 as a best practice.

Note: If your organization allows more than one certificate to be in place, please keep the existing certificates as well to ensure a seamless transition.

If you have already taken the necessary steps, please disregard this communication.

*If you're not logged in to the UKG Community, you'll be asked to enter your credentials when accessing the link(s).