Setup MFA with SafeNet Trusted Access from Thales
  • 28 Nov 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Setup MFA with SafeNet Trusted Access from Thales

  • Dark
    Light
  • PDF

Article Summary

To setup the Multi Factor Authentication (MFA) with Thales you need to configure Active directory or Azure AD in Liquit Workspace and Thales. Liquit Workspace and Thales need to be connected through the same identity environment in order to work.

SafeNet Trusted Access

Login to the STA management console.

Create Application

  1. On the STA management console, select the Applications tab.
  2. Click the Add Application icon.

image.png

  1. Select the Generic Template
    a. To change the application name, edit the name in the Display Name field.
    b. In the integration type options, select OIDC.
    c. Set Access Type to Confidential

image.png

image.png

  1. Click Add
  2. Click Next Step
  3. Enter the following information in the STA Setup:
NameValue
ALLOWED FLOW TYPEAuthorization code flow
SERVICE LOGIN URLhttps://workspace.liquit.com
VALID REDIRECT URLhttps://workspace.liquit.com/api/auth/token/end
USERINFO SIGNATURE ALGORITHMRSA-SHA256
REQUEST SIGNATURE ALGORITHMRSA-SHA256

Use the following User Identity Claims:

Name*Value
emailUPN

* fields are case sensitive!

SareNetConfiguration.png

  1. Select Save Configuration
    image.png

Create a Policy to grant Users access to the application

  1. On the STA management console, select the Policies tab, select the Add Policy
  2. Enter a policy name in the New Policy box.
  3. Enter a brief description in the New Policy Description box.
  4. Under Policy Scope, in the Users section, select All Users
  5. In the Applications section, select Any of these Applications
    a. Select the just created application
  6. In the Default Requirements section select Granted
  7. After authenticating with check to boxes at
    image.png
  8. Click Save to save your changes.
    You are done configuring SafeNet Trusted Access

SafeNet Trusted Access documentation URL:
https://help.safenetid.com/operator/Content/Home.htm

OIDC:
https://help.safenetid.com/operator/Content/STA/Apps/AppsOIDC.htm

Policies:
https://help.safenetid.com/operator/Content/STA/Policies/policy_exception.htm

Liquit Workspace

Go to the relevant identity source within the Liquit Workspace that needs to utilize MFA for authenticating within the management interface of Liquit.

  1. On the “Authentication” page of the identity source, enable the “Federated” option and click on "Edit".
  2. Enter the following configuration data for each setting
Liquit NameThales Value*Default Value
ProtocolOAuth 2.0
Client IDClient ID
Client secretClient Secret
Redirect URIhttps://workspace.liquit.com/api/auth/token/end
Token URIToken end-point URL
Authorization URIAuthorization end-point URL
Logout URILogout end-point URL
Claim attributeupn

* These values are provided from the application in the STA management console


Was this article helpful?