Before you can configure Single Sign-On (SSO) integration with the Lumu Portal using Entra ID, make sure that you have the following:
1. Go to https://portal.azure.com/ and log in to your Entra ID portal.
Open the left menu and click on Entra ID Active Directory.
2. Click on the Add menu to open it, and select Enterprise Application.
Click on the Create your own application button.
In the pop-up form, give your app a name without any blank spaces. Select the option Integrate any other application you don't find in the gallery (Non-gallery). Finally, click on the Create button.
3. Now we need to set up the SAML app. In the left menu, click on Users and groups. Click on Add user/group and proceed to add the users for your app.
In the next step, click on None Selected and select the users you want to add to your app. Click on the Select button at the bottom to add the selected users.
4. Go to Single sign-on and click on SAML.
5. Next, click on Basic SAML Configuration on the pen icon to edit.
On the pop-up form, click on Add identifier under Identifier (Entity ID) and provide a name without any blank spaces. Write it down and save it for later, as you will need to send it. Then, click on Reply URL (Assertion Consumer Service URL) and add https://portal.lumu.io/api/v1/users/saml/auth
Click Save to proceed.
6. Back on the Single sign-on section, click the Edit link in the Attributes & Claims section.
Ensure that you have the default claim name:
Claim Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
7. Back again in the Single sign-on menu, on the SAML certificates section, click on the first Edit link.
In the pop-up window, select Sign SAML response and assertion as the signing option, and finish by clicking Save.
8. Collect the following information to send to Lumu Support:
Login URL: https://login.microsoftonline.com/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/saml2
Entra ID AD Identifier: https://sts.windows.net/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/
Certificate (Base 64): Click it to download and send it to Lumu.
Once you have collected this information, share it with Lumu Support. They will complete the setup and configuration on their end. Once the SSO implementation is complete, Lumu Portal users will be able to log in.