1. Access the Thales (Safenet Trusted Access) application portal at https://sta.eu.safenetid.com/apps/app and log in using your Thales credentials.
2. Click the plus button in the Applications tab to add a new app.
3. In the pop-up window, type "Generic Template" and click the plus button to add it.
4. Provide a name for your app, then select "SAML" as the Integration Protocol option. Click the Add button at the bottom.
5. In the next window, click Download metadata file and save it for later use. This file contains important configuration details. Make sure to save it securely. Once you saved it, click on Manual Configuration.
6. Take note of the ISSUER/ENTITY ID, SINGLE SIGNON SERVICE, and Fingerprint (SHA256) values displayed on the screen. You will need to send this information to Lumu Support. Copy and store these details for later use. Click the Next Step button.
7. On the Step 02: STA Setup tab, click Manual Configuration to open it.
8. Configure the following values:
ENTITY ID:
Your Company Name
ASSERTION CONSUMER SERVICE URL(POST BINDING):
https://portal.lumu.io/api/v1/users/saml/auth
9. In the SAML Certificates section, click the Upload Certificate button for both the Request Signing Certificate and Response Encryption Certificate tabs. Select the certificate you previously downloaded.
10. Once the certificates are uploaded, scroll down to the AUTHENTICATION REQUEST SIGNATURE VALIDATION section. Select the Skip request signature validation option. Click the Save button to complete your app setup.
11. Collect the following information to send to Lumu Support:
ISSUER/ENTITY ID:
https://idp.eu.safenetid.com/auth/realms/XXXXXXXXXX-STA
SINGLE SIGNON SERVICE:
https://idp.eu.safenetid.com/auth/realms/XXXXXXXXXX-STA/protocol/saml
Fingerprint (SHA256): A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0:A0
ENTITY ID:
Company Inc
12. Share the collected information with Lumu Support. They will complete the setup and configuration on their end. Once the SSO implementation is complete, Lumu Portal users will be able to log in seamlessly using Thales credentials.