SAML IdP cert rotation procedure to parallel laddr's legacy doc.
Per specs/api/saml.md, the rotation steps are:
- Generate new key + cert
- Update Slack's admin UI with the new public cert
- Update the API's SAML_PRIVATE_KEY / SAML_CERTIFICATE secrets
- Restart the API
The doc should expand these into runnable commands (openssl invocation, Slack admin UI link, our secrets backend), and include the cadence (3 years). Surfaced by the saml-idp plan's closeout (PR #49) — the runbook step isn't owned by any other planned work.
SAML IdP cert rotation procedure to parallel laddr's legacy doc.
Per specs/api/saml.md, the rotation steps are:
The doc should expand these into runnable commands (openssl invocation, Slack admin UI link, our secrets backend), and include the cadence (3 years). Surfaced by the saml-idp plan's closeout (PR #49) — the runbook step isn't owned by any other planned work.