Online Help

SafeNet Trusted Access for Open Air


SafeNet Trusted Access (STA) allows you to configure the Open Air application using the Security Assertion Markup Language (SAML) protocol.

The STA and Open Air integration is aimed to protect the Open Air end users' access.

The following use cases can be configured for Open Air:

SP-initiated SSO

IdP-initiated SSO

Configuring SafeNet Trusted Access for Open Air is a three-step process:

1.Open Air setup

2.SafeNet Trusted Access setup

3.Verify Authentication

NOTE   This application integration online help was produced based on a review of publicly available documentation and was not tested by Thales. Support for the application integration is provided on a best-effort basis.

Open Air Setup

As a pre-requisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking the Download metadata file button. You will need the metadata while configuring STA in Open Air.

NOTE   If the STA certificate is required separately, first you need to click on the Manual Configuration link and then click Download X.509 certificate to download the certificate.

For more information, refer to the Configure the SAML service provider section of the STA online documentation.

Perform the appropriate steps to configure SafeNet Trusted Access as your Identity Provider in Open Air.

Click here to refer to the Open Air documentation.

Obtaining Metadata

Perform the following steps to download the Open Air metadata:

1.Navigate to the Open Air metadata URL. The Open Air metadata is displayed. Copy the entire metadata text.

2.In a text editor, paste the entire metadata text that you copied in the previous step, and save the file on your local machine with the .xml extension (for example, metadata.xml).

SafeNet Trusted Access Setup

After configuring SafeNet Trusted Access in the Open Air application, the next step is to activate the Open Air application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the Open Air application that you added previously is currently in inactive state by default. To configure and activate the application, click on the Open Air application and proceed to the next step.

2.Under STA Setup, perform the following steps:

a.Click Upload Open Air Metadata to perform service provider configuration using the metadata.

b.On the Metadata upload window, click Browse to search and select the Open Air metadata file (for example, metadata.xml) that you saved in the Obtaining Metadata section.

Under Account Details, the service provider's metadata information is displayed.

NOTE   If metadata upload gets failed, click Manual Configuration to switch to the manual configuration.

For more information on configuring the SAML service provider, refer to the Configure the SAML service provider section of the STA online documentation.

NOTE   Under Return Attributes, add return attribute(s) as required by the Open Air application.

3.Under Advanced Settings, perform the following steps:

a.In the IDP INITIATED SSO RELAY STATE field, enter the relay state value if your application requires a unique relay state.

b.In the LOGOUT CHANNEL field, select an option that is compatible with your application.

For rest of the fields, modify the default values as per your preferred configuration.

4.Click Save Configuration to save the details and activate the Open Air application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the Open Air URL, enter your email address, and click Sign In. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Open Air application after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Open Air icon, you should be redirected to the Open Air application after authentication.


© 2021 SafeNet Trusted Access. Various trademarks are held by their respective owners.