Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

SafeNet Access Exchange

search

Please Note:

printsuggest an edit

SafeNet Access Exchange

SafeNet Access Exchange (SAE) is an on-premises IDP, which complements secure authentication of SAS PCE. With this integration, SAS PCE provides multi-factor authentication in the context of authentication requests received from SAML or OIDC integrated applications. SafeNet Access Exchange is also a key component of SAS PCE Enterprise and STA Hybrid Access Management Add-On based deployment.

SafeNet Access Exchange also supports Single Sign-On (SSO) for applications integrated with it. When SSO is enabled, users can access multiple applications with only one login request during each computer session. This alleviates the need for users to log on to each application separately.

SafeNet Access Exchange package interacts with:

  • SAS PCE Enterprise Edition for a complete SAS PCE SSO workflow.

  • STA and SAS PCE for a complete STA Hybrid Access Management workflow. This is a key component of STA Access Continuum.

alt_txt

copy link to clipboardSoftware requirements

  • Docker or Podman for running containers
  • SAS PCE

copy link to clipboardPrerequisites

  • SafeNet Authentication Service (SAS) PCE v3.20 or above.

copy link to clipboardTerminology

  • SafeNet Access Exchange Directory: SAE server installation directory.

  • Authentication Flow: A container for all authentications, screens, and actions that are mandatory during login, registration, and other SafeNet Access Exchange workflows.

copy link to clipboardPackage contents

SafeNet Access Exchange is a compressed zip|tar.gz file. The SafeNetAccessExchange Package contains:

  • SafeNetAccessExchange.tar.gz

  • SafeNet OTP Realm json file

  • Realm configuration and authentication flows defined for SAS OTP validation.

To unpack this file, run the unzip, gunzip, or tar utilities.

alt_txt

copy link to clipboardSafeNet Access Exchange SAS providers (SPI)

The package contains the following modules, which are pre-installed with the SafeNet Access Exchange server.

  • SafeNet OTP Authentication Flow – Customized authentication flow for OTP validation with SAS Token Validator service.

  • SafeNet Theme – Customized theme to define SafeNet HTML templates and stylesheets.

copy link to clipboardSet up SAS API for SAS PCE

SAS API requests data from SAS PCE to dynamically update the SafeNet Access Exchange.

Caution

This setup is mandatory when SAS is configured with MySQL database.

Note

SAS API encounters an issue with MySQL database (MySQL EF6 DLL in GAC missing). It is a limitation of MySQL Connector 8.0.32.

When SafeNet Access Exchange is configured with SAS using MySQL database, perform the following steps:

  1. Install SafeNet server.
  2. Install MySQL 8.0.32 connector.
  3. Configure SafeNet server with MySQL database.

  4. Save the following text in .ps1 file format:

    `Note that you should be running PowerShell as an Administrator

    $publish = New-Object System.EnterpriseServices.Internal.Publish $publish.GacInstall("C:\Program Files (x86)\MySQL\MySQL Connector Net 8.0.32\Assemblies\v4.5.2\MySql.Data.EntityFramework.dll") If installing into the GAC on a server hosting web applications in IIS, you need to restart IIS for the #applications to pick up the change. Iisreset`

  5. Run the .ps1 file, as an Administrator in the PowerShell.

  6. Reset IIS.

copy link to clipboardPoints to remember

  • Default location: System Directory:\Program Files (x86)\MySQL\MySQL Connector Net 8.0.27\<locate MySql.Data.EntityFramework.dll file>

  • If someone changes the directory location while installing the MySQL Connector, the above path also needs to be updated in the script.

  • Open the PowerShell script and change the path to where your DLL resides.

copy link to clipboardConfiguration overview

Note

Set up of SAS PCE is required for end-to-end setup and validation for a STA Hybrid environment.

On this page