How to configure SSO in the Lumu Portal using Thales (Safenet Trusted Access)

How to configure SSO in the Lumu Portal using Thales (Safenet Trusted Access)

Prerequisites

Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Thales, ensure that you have the following:
  • Administrator access to your Thales account.
  • Lumu Support has provided you with the necessary instructions and requirements for configuring SSO with Thales.

Thales Settings

1. Access the Thales (Safenet Trusted Access) application portal and log in using your Thales credentials.

2. Click the plus button in the Applications tab to add a new app.


3. In the pop-up window, type "Generic Template" and click the plus button to add it.

4. Provide a name for your app, then select "SAML" as the Integration Protocol option. Click the Add button at the bottom.


5. In the next window, click "Download metadata file" and save it for later use. This file contains important configuration details. Make sure to save it securely. Once you saved it, click on “Manual Configuration”.


6. Take note of the ISSUER/ENTITY ID, SINGLE SIGNON SERVICE, and Fingerprint (SHA256) values displayed on the screen. You will need to send this information to Lumu Support. Copy and store these details for later use. Click the "Next Step" button.

7. On the "Step 02: STA Setup" tab, click "Manual Configuration" to open it.

8. Configure the following values:

ENTITY ID:

Your Company Name

ASSERTION CONSUMER SERVICE URL(POST BINDING):

https://portal.lumu.io/api/v1/users/saml/auth

Make sure there aren't any spaces on any of the fields. Otherwise, the configuration process will not work properly.

9. In the SAML Certificates section, click the "Upload Certificate" button for both the "Request Signing Certificate" and "Response Encryption Certificate" tabs. Select the certificate you previously downloaded.


10. Once the certificates are uploaded, scroll down to the "AUTHENTICATION REQUEST SIGNATURE VALIDATION" section. Make sure your screen looks like the image below. Click the "Save" button to complete your app setup.


11. Collect the following information to send to Lumu Support:

ISSUER/ENTITY ID:

https://idp.eu.safenetid.com/auth/realms/XXXXXXXXXX-STA

SINGLE SIGNON SERVICE:

https://idp.eu.safenetid.com/auth/realms/XXXXXXXXXX-STA/protocol/saml

Fingerprint (SHA256):

A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0

ENTITY ID:

Company Inc

12. Share the collected information with Lumu Support. They will complete the setup and configuration on their end. Once the SSO implementation is complete, Lumu Portal users will be able to log in seamlessly using Thales credentials.

In case of any issues or questions during the configuration process, contact Lumu Support for assistance.

        • Related Articles

        • How to configure SSO in the Lumu Portal using Okta

          Single Sign-on (SSO) allows you to log in to the Lumu portal through Identity Providers using their current credentials. Instead of requiring users to manage multiple usernames and passwords, SSO allows you to log in to multiple applications using ...
        • How to configure SSO in the Lumu Portal using Azure Active Directory

          Prerequisites: Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Azure, make sure that you have the following: Administrator access to your Azure portal. Lumu Support has provided you with the necessary instructions ...
        • How to configure SSO in the Lumu Portal using OneLogin

          Single Sign-on (SSO) allows you to log in to the Lumu portal through Identity Providers using their current credentials. Instead of requiring users to manage multiple usernames and passwords, SSO allows you to login to multiple applications using the ...
        • Lumu Portal Two-Factor Authentication

          The Lumu Portal offers secure login alternatives through the use of two-factor authentication (2FA), in this case, One-time Password (OTP) on top of your account password. You can use the Authenticator app you prefer, such as Google Authenticator and ...
        • Lumu Portal

          Lumu simplifies Continuous Compromise Assessment by consolidating its management, reporting, and related contextual intelligence within a single portal. Security teams no longer need to chase down data from multiple network monitoring tools. The Lumu ...