Had the same issue and fixed it this morning. For my situation, the old SAML certificate that was set to expire in July was still listed, but marked as inactive. The notification matched the expiry of that certificate.  A new certificate was automatically created with expiry in 2026, set as active. I had to delete the old certificate. In Jamf, I pasted the URL even though it was the same and hit save. I don't know if it was a question of logging out and back in, or closing the browser or re-opening, but the notification went away.

Strongly suggest you have a failover account before mucking around with this. 

Deleting the inactive certificate is one thing I hadn't thought of; and, that seems to have done the trick!

FWIW, the alert notification did not immediately go away.  Even after switching between the URL and XML file (and back).  But, while I was staring at the screen trying to figure out the next step, it just disappeared.

Thank you for the idea!

I am having the exact issue. I can see only the current one with the new expiration is active, but i still see a message in JAMF. Any other ideas? 

The alert notification didn't immediately disappear for me; but, I don't think it took longer than 10-20 minutes after I deleted the old cert from Azure.  I don't recall if the JAMF settings were displaying the new cert expiration date while the notification was active or not though.  

We deleted the old one weeks ago, and still getting notice (3 days left) I am a little worried that that SSO may stop working then.

With that little time remaining, I would definitely try to involve an official JAMF support person.  Pointing them to this thread might help them narrow down the problem more quickly though.  

Other than that, you should make sure that the URL or metadata file in the JAMF SSO page matches your latest info in Azure, and that the old Azure cert is definitely deleted, and not just inactive.  And, if that fails, then Bootrec's comment regarding a failover login URL is very important too.

(I accidentally posted my reply on the main thread.  Commenting here to make sure you're notified)

I did manage to fix it and the trick was to toggle back and forth between the XML and the URL. This cleared the notification. 

Toggle back and forth between XML and URL???

Can you be more specific, as in 'steps' cause I'm not quite sure I understand what you're saying here.

Having a similar issue. Getting a notification in JAMF "Signing certificate issued by SSO identify provider expired."

Assuming this is why I can't install anything from Service Center.

Our main JAMF technician is out for a couple weeks; I have about an hour of experience in JAMF.

Would like to get more details around the following:

1. OP stated "I followed the instructions to "Visit your SSO Identity Provider to update the certificate". Can someone specify where these instructions can be found? I'm not even sure where to look to start trying to troubleshoot/fix this issue.

2. One of the replies stated that they "toggled back and forth between XML and URL". Curious if that can be explained in more detail.

I believe that the "Visit your SSO Identity Provider" prompt was on the screen which was warning about the (soon) expiring certificate.  My certificate is now renewed, so I don't see those exact words anywhere right now.  At any rate, our SSO Identity Provider is MS Azure, and the details for that setting are in the Enterprise Applications section of Azure (Entra).

If you also use Azure, then in the Azure application setting page for Jamf Pro, there is a "Single sign-on" section, which has a series of numbered sections within it.  The section "3" ("SAML Certificates") has both "App Federation Metadata Url" which can be copied, or "Federation Metadata XML" file which can be downloaded.   If you don't user Azure, there is most likely a very similar page on whichever service you have connected.

Back on the JAMF Settings page, there is the Single Sign-On section.  On the Single Sign-On page, the "Identity Provider Metada Source" (in the "Identity Provider" section) is where you either copy the URL or upload the XML file.  When  "toggling" is mentioned, it is changing the setting of this from XML file to URL or vice versa.  

Deleting the inactive certificate within Azure for Jamf Pro SSO resolved the issue for me. This then removed the notification within Jamf Pro within 5-10 minutes.