diff --git a/CHANGELOG.md b/CHANGELOG.md
index bbbc8f30cdba6133d66006aa046ec24126f64669..be412a876ad11abcf477d4291984151934b18d23 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ## [1.13.0-bb.7]
 ### Fixed
 - to resolve an issue where Anchore would redeploy after every update, `./chart/templates/engine_secret.yaml` and `./chart/templates/enterprise_feeds_secret.yaml` were modified to set `ANCHORE_SAML_SECRET` to a randomly generated value if not set and the previous secret does not exist
+### Changed
+- `./chart/templates/engine_configmap.yaml`, `./chart/templates/enterprise_configmap.yaml`, and `./chart/templates/enterprise_feeds_confimap.yaml` were modified to set appropriate saml secret credentials when a saml secret has been randomly generated but left `Null` by the user at `.Values.anchoreGlobal.saml.secret`
 
 ## [1.13.0-bb.6]
 ### Changed
diff --git a/chart/templates/engine_configmap.yaml b/chart/templates/engine_configmap.yaml
index 6ed4e6b273ab1902e44a2a70d0e2f22a74ef3f41..7cd2edf3ae3055ac1a2ae7e1547836c9ee03ad4e 100644
--- a/chart/templates/engine_configmap.yaml
+++ b/chart/templates/engine_configmap.yaml
@@ -59,7 +59,9 @@ data:
 # Locations for keys used for signing and encryption. Only one of 'secret' or 'public_key_path'/'private_key_path' needs to be set. If all are set then the keys take precedence over the secret value
 # Secret is for a shared secret and if set, all components in anchore should have the exact same value in their configs.
 keys:
- {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret }}
+ {{- $anchorefullname := include "anchore-engine.fullname" . -}}
+ {{- $old_secret := lookup "v1" "Secret" .Release.Namespace $anchorefullname }}
+ {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret $old_secret }}
 secret: ${ANCHORE_SAML_SECRET}
 {{- end }}
 {{- with .Values.anchoreGlobal.saml.publicKeyName }}
diff --git a/chart/templates/enterprise_configmap.yaml b/chart/templates/enterprise_configmap.yaml
index d448e2a020c8c9ec96b9a02db5162b4587a77b03..ba75b31b1a4156f48e7feaa63dc71567af368226 100644
--- a/chart/templates/enterprise_configmap.yaml
+++ b/chart/templates/enterprise_configmap.yaml
@@ -41,7 +41,9 @@ data:
 # Locations for keys used for signing and encryption. Only one of 'secret' or 'public_key_path'/'private_key_path' needs to be set. If all are set then the keys take precedence over the secret value
 # Secret is for a shared secret and if set, all components in anchore should have the exact same value in their configs.
 keys:
- {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret }}
+ {{- $anchorefullname := include "anchore-engine.fullname" . -}}
+ {{- $old_secret := lookup "v1" "Secret" .Release.Namespace $anchorefullname }}
+ {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret $old_secret }}
 secret: ${ANCHORE_SAML_SECRET}
 {{- end }}
 {{- with .Values.anchoreGlobal.saml.publicKeyName }}
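Review bot: The new `if or … $old_secret` condition treats the mere existence of a Secret named by the `anchore-engine.fullname` helper as proof that `ANCHORE_SAML_SECRET` is available, so a Secret with that name but without that key (for example one left over from a chart version that predates the random generation) still renders `secret: ${ANCHORE_SAML_SECRET}`, which presumably expands from the container environment to an empty SAML shared secret; the enterprise_configmap.yaml and enterprise_feeds_configmap.yaml hunks carry the same condition. Guarding on the key rather than the object, e.g. `{{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret (hasKey (default dict $old_secret.data) "ANCHORE_SAML_SECRET") }}`, ties the `secret:` entry to a value that is actually present (worth checking that `$old_secret.data` resolves to nil rather than erroring under the chart's strictness settings when the lookup is empty). Note also that `lookup` returns an empty map on a fresh install and on client-side `helm template`/dry-run renders, so with `.Values.anchoreGlobal.saml.secret` unset the `secret:` line is omitted on first install even though the secret template generates a value in the same release, and the config then changes on the next upgrade once the Secret exists — this looks like it reintroduces one of the redeploys the changelog entry aims to remove, so confirm that first-install behaviour is intended. Since three templates now carry an identical five-line block, moving it into a named template in `_helpers.tpl` would keep them from drifting.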
diff --git a/chart/templates/enterprise_feeds_configmap.yaml b/chart/templates/enterprise_feeds_configmap.yaml
index 00d2aba09d0261a8b575a65000fe950bef0ea00e..6b2e87e0d47d24751a3888248ea39d1c9d5d55b3 100644
--- a/chart/templates/enterprise_feeds_configmap.yaml
+++ b/chart/templates/enterprise_feeds_configmap.yaml
@@ -35,7 +35,9 @@ data:
 # Locations for keys used for signing and encryption. Only one of 'secret' or 'public_key_path'/'private_key_path' needs to be set. If all are set then the keys take precedence over the secret value
 # Secret is for a shared secret and if set, all components in anchore should have the exact same value in their configs.
 keys:
- {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret }}
+ {{- $anchorefullname := include "anchore-engine.fullname" . -}}
+ {{- $old_secret := lookup "v1" "Secret" .Release.Namespace $anchorefullname }}
+ {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret $old_secret }}
 secret: ${ANCHORE_SAML_SECRET}
 {{- end }}
 {{- with .Values.anchoreGlobal.saml.publicKeyName }}
diff --git a/docs/BBCHANGES.md b/docs/BBCHANGES.md
index 09c4f09b3c7c0b2d1a44b1433763237207d56d06..5869b8c312685b1ff499c7c1aff3f26149183afb 100644
--- a/docs/BBCHANGES.md
+++ b/docs/BBCHANGES.md
@@ -164,6 +164,8 @@ Create chart name and version as used by the chart label.
 {{- end -}}
 ```
 
+---
+
 In `chart/templates/engine_configmap.yaml`, modify the metrics lines as such:
 
 ```yaml
@@ -197,6 +199,8 @@ And set required environment variables in `chart/templates/enterprise_feed_deplo
 value: {{ .Values.monitoring.enabled | quote }}
 ```
 
+---
+
 To resolve a race condition in Big Bang CI pipelines, an additional sleep argument was added in `chart/templates/engine_upgrade_job.yaml`, `enterprise_upgrade_job.yaml`, and `enterprise_feeds_upgrade_jobs.yaml`:
 
 ```yaml
@@ -205,13 +209,17 @@ To resolve a race condition in Big Bang CI pipelines, an additional sleep argume
 anchore-manager db --db-connect postgresql://${ANCHORE_DB_USER}:${ANCHORE_DB_PASSWORD}@${ANCHORE_DB_HOST}/${ANCHORE_DB_NAME} upgrade --dontask;
 ```
 
-Additionally, a field was added to `chart/templates/engine_upgrade_job.yaml`, `enterprise_upgrade_job.yaml`, and `enterprise_feeds_upgrade_jobs.yaml` to allow users to specify container resource requests and limits for the jobs. This was done to resolve OPA Gatekeeper violations around container resources and ratios:
+---
+
+To resolve OPA Gatekeeper violations around container resources and ratios, a field was added to `chart/templates/engine_upgrade_job.yaml`, `enterprise_upgrade_job.yaml`, and `enterprise_feeds_upgrade_jobs.yaml` to allow users to specify container resource requests and limits for the jobs:
 
 ```yaml
 resources:
 {{ toYaml .Values.anchoreEngineUpgradeJob.resources | nindent 10 }}
 ```
 
+---
+
 To resolve an issue where Anchore would redeploy after every update, `./chart/templates/engine_secret.yaml` and `./chart/templates/enterprise_feeds_secret.yaml` were modified to set `ANCHORE_SAML_SECRET` to a randomly generated value if not set and the previous secret does not exist:
 
 ```yaml
@@ -222,4 +230,15 @@ ANCHORE_SAML_SECRET: {{ .Values.anchoreGlobal.saml.secret | default (randAlphaNu
 {{ else }}
 ANCHORE_SAML_SECRET: {{ index $old_secret.data "ANCHORE_SAML_SECRET" }}
 {{- end }}
+```
+
+Additionally, `./chart/templates/engine_configmap.yaml`, `./chart/templates/enterprise_configmap.yaml`, and `./chart/templates/enterprise_feeds_confimap.yaml` were modified to set appropriate saml secret credentials when the saml secret has been randomly generated but left `Null` by the user at `.Values.anchoreGlobal.saml.secret`:
+
+```yaml
+keys:
+ {{- $anchorefullname := include "anchore-engine.fullname" . -}}
+ {{- $old_secret := lookup "v1" "Secret" .Release.Namespace $anchorefullname }}
+ {{- if or .Values.anchoreGlobal.saml.secret .Values.anchoreGlobal.saml.useExistingSecret $old_secret }}
+ secret: ${ANCHORE_SAML_SECRET}
+ {{- end }}
 ```
\ No newline at end of file