How to Configure SSO in the Lumu MSP Portal using Entra ID Active Directory
Requirements
- Administrator access to your Entra ID portal.
- Lumu Support has provided you with the necessary instructions and requirements for configuring SSO with Entra ID.
Entra ID Settings
1. Go to https://portal.azure.com/ and log in to your Entra ID portal. Open the left menu and click on Microsoft Entra ID.
2. Click on the Add menu to open it, and select Enterprise Application.
3. Click on the Create your own application button.4. In the pop-up form, give your app a name without any white spaces. Select the option Integrate any other application you don't find in the gallery (Non-gallery). Then, click on the Create button.
5. Now we need to set up the SAML app. In the left menu, click on Users and groups. Click on Add user/group and proceed to add the users for your app.
6. In the next step, click on None Selected and select the users you want to add to your app. Click on the Select button at the bottom to add the selected users.
7. Go to Single sign-on and click on SAML.
8. Next, click on Basic SAML Configuration on the pen icon to edit.
9. On the pop-up form, click on Add identifier under Identifier (Entity ID) and provide a name without any blank spaces. Write it down and save it for later, as you will need to send it. Then, click on Reply URL (Assertion Consumer Service URL) and add the following URL: https://managed.lumu.io/api/msp/users/saml/auth. Click "Save" to proceed.
10. Back on the Single sign-on section, click the Edit link in the Attributes & Claims section.
Ensure that you have the default claim name:
Claim Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameClaim Value: user.userprincipalname11. Back again in the Single sign-on menu, on the SAML certificates section, click on the first Edit link.
12. In the pop-up window, select "Sign SAML response and assertion" as the signing option, and finish by clicking “Save”.
13. Collect the following information to send to Lumu Support:
Identifier (Entity ID): SSOLUMU
Certificate (Base 64): Click it to download and send it to Lumu.Login URL: https://login.microsoftonline.com/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/saml2Entra ID AD Identifier: https://sts.windows.net/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/Once you have collected this information, share it with Lumu Support. They will complete the setup and configuration on their end. Once the SSO implementation is complete, Lumu Portal users will be able to log in.
If you encounter any issues or have questions during the configuration process, contact Lumu Support for assistance.
Related Articles
How to Configure SSO in the Lumu MSP Portal using CyberArk
Learn how to Configure SSO in the Lumu MSP Portal using CyberArk by following this article. Requirements Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using CyberArk, ensure that you have the following: Administrator ...How to Configure SSO in the Lumu MSP Portal using Keycloak
Prerequisites Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Keycloak, ensure that you have the following: Administrator access to your Keycloak app. Communication with Lumu Support to help you set up the SSO. ...How to Configure SSO in the Lumu MSP Portal using Okta
The Lumu Portal provides SSO with Okta, a third-party authentication service that enables users to log in to the Lumu Portal seamlessly. When you configure SSO in your Lumu Portal, your users can connect without the need for separate login ...How to Configure SSO in the Lumu MSP Portal using Thales (Safenet Trusted Access)
The Lumu MSP Portal provides SSO with Thales (Safenet Trusted Access), a third-party authentication service that enables users to log in to the Lumu MSP Portal seamlessly. When you configure SSO in your Lumu MSP Portal, your users can connect without ...Lumu MSP - Getting Started
Managed Service Providers (MSP) are one of Lumu’s finest partners when it comes to bringing proficient operation of cybersecurity to customers everywhere. It is for this reason that the Lumu Portal for MSP was created; there, MSPs can find all the ...