How to configure SSO in the Lumu Portal using Entra ID Active Directory

How to configure SSO in the Lumu Portal using Entra ID Active Directory

Microsoft Azure is now called Entra ID

Prerequisites:

Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Entra ID, make sure that you have the following:

  1. Administrator access to your Entra ID portal.
  2. Lumu Support has provided you with the necessary instructions and requirements for configuring SSO with Entra ID.

Entra ID Settings:

1. Go to https://portal.azure.com/ and log in to your Entra ID portal.

Open the left menu and click on Entra ID Active Directory.



2. Click on the Add menu to open it, and select Enterprise Application.


Click on the Create your own application button.


In the pop-up form, give your app a name without any blank spaces. Select the option Integrate any other application you don't find in the gallery (Non-gallery). Finally, click on the Create button.


3. Now we need to set up the SAML app. In the left menu, click on Users and groups. Click on Add user/group and proceed to add the users for your app.


In the next step, click on None Selected and select the users you want to add to your app. Click on the Select button at the bottom to add the selected users.


4. Go to Single sign-on and click on SAML.


5. Next, click on Basic SAML Configuration on the pen icon to edit.


On the pop-up form, click on Add identifier under Identifier (Entity ID) and provide a name without any blank spaces. Write it down and save it for later, as you will need to send it. Then, click on Reply URL (Assertion Consumer Service URL) and add https://portal.lumu.io/api/v1/users/saml/auth

Click Save to proceed.

6. Back on the Single sign-on section, click the Edit link in the Attributes & Claims section.



Ensure that you have the default claim name:

Claim Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Claim Value: user.userprincipalname

7. Back again in the Single sign-on menu, on the SAML certificates section, click on the first Edit link.


In the pop-up window, select Sign SAML response and assertion as the signing option, and finish by clicking Save.


8. Collect the following information to send to Lumu Support:




Identifier (Entity ID): SSOLUMU

Login URL: https://login.microsoftonline.com/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/saml2

Entra ID AD Identifier: https://sts.windows.net/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/

Certificate (Base 64): Click it to download and send it to Lumu.

Once you have collected this information, share it with Lumu Support. They will complete the setup and configuration on their end. Once the SSO implementation is complete, Lumu Portal users will be able to log in.

If you encounter any issues or have questions during the configuration process, contact Lumu Support for assistance.

        • Related Articles

        • How to configure SSO in the Lumu Portal using Okta

          Single Sign-on (SSO) allows you to log in to the Lumu portal through Identity Providers using their current credentials. Instead of requiring users to manage multiple usernames and passwords, SSO allows you to log in to multiple applications using ...
        • How to configure SSO in the Lumu Portal using Thales (Safenet Trusted Access)

          Prerequisites Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Thales, ensure that you have the following: Administrator access to your Thales account. Lumu Support has provided you with the necessary instructions ...
        • How to configure SSO in the Lumu Portal using OneLogin

          Single Sign-on (SSO) allows you to log in to the Lumu portal through Identity Providers using their current credentials. Instead of requiring users to manage multiple usernames and passwords, SSO allows you to login to multiple applications using the ...
        • Lumu Portal Two-Factor Authentication

          The Lumu Portal offers secure login alternatives through the use of two-factor authentication (2FA), in this case, One-time Password (OTP) on top of your account password. You can use the Authenticator app you prefer, such as Google Authenticator and ...
        • Lumu Portal

          Lumu simplifies Continuous Compromise Assessment by consolidating its management, reporting, and related contextual intelligence within a single portal. Security teams no longer need to chase down data from multiple network monitoring tools. The Lumu ...