Online Help

SafeNet Trusted Access for CloudPassage

Overview

Configuring SafeNet Trusted Access for CloudPassage is a three-step process:

1.CloudPassage setup

2.SafeNet Trusted Access setup

3.Verify authentication

CloudPassage Setup

As a prerequisite, download the Identity Provider signing certificate from the SafeNet Trusted Access console by clicking the Download X.509 certificate button. You will need this certificate in one of the steps given below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in CloudPassage:

1.Log in to the CloudPassage administrator dashboard using URL, https://portal.cloudpassage.com/login.

2.On the top right-hand side corner of the dashboard, click on the settings icon , and click Site Administration.

3.On the Site Administration window, click the Authentication tab, and click Login Controls.

4.Scroll down to the Single Sign-On section and perform the following steps :

a.Select the Enable Single Sign-On (SSO) to the Halo portal for Halo portal logins check box.

b.Note down the Account ID. You will need the account ID while setting up CloudPassage in SafeNet Trusted Access.

c.In the SAML Issue URL field, enter the ISSUER/ENTITY ID URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking the Copy to Clipboard icon available next to the ISSUER/ENTITY ID field.

d.In the SAML Endpoint URL field, enter the SINGLESIGNONSERVICE URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking the Copy to Clipboard icon available next to the SINGLESIGNONSERVICE field.

e.In a text editor, open the IdP certificate that you downloaded earlier from the SafeNet Trusted Access console and copy the entire text.

f.In the x.509 certificate field, paste the certificate text that you copied in the previous step.

g.Click Save.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in CloudPassage, the second step is to activate the CloudPassage application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the CloudPassage application that you added previously is currently in inactive state by default. To configure and activate this application, click the application (for example, CloudPassage) and proceed to the next step.

2.Under STA Setup, perform the following steps:

a.Under Account Details perform the following steps:

In the ACCOUNT ID field, enter the account ID that you noted in step 4(b) of CloudPassage Setup.

In the ADMIN field, enter true or false to specify if the user is a site administrator.

b.Under User Login ID Mapping, in the NAME ID field, ensure that SAS User ID is selected.

c.Click Save Configuration to save the details and activate the CloudPassage application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the CloudPassage login URL, https://idp.safenetid.com/auth/realms/<tenant-referenceid>/protocol/saml/clients/<CloudPassage Application Name>. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the CloudPassage application after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the CloudPassage application icon, you should be redirected to the CloudPassage application after authentication.

Note:  After two-factor authentication, you will be asked for the Browser Authorization code that would have been sent to your email ID. Enter the code and you will be redirected to the CloudPassage application.

© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.