Thales Data Protection Demand has updated the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome Identity Platform in the Europe region. The North America region was migrated on February 22nd, 2025. 

This update enables the platform to provide modern authentication options to users while simplifying logins for users that manage multiple tenants on the platform. Feature updates include: 

• Improved login flow 
• Improved registration flow 
• Improved user account management flows 
• Added method to switch between tenants 
• Removed vanity URLs from tenants 
• Removed vanity service provider registration pages 

North America users can now access DPoD through the login portal at https://welcome.dpondemand.io. You will need to register a new MFA token on the initial login.  

We recommend that all Luna Cloud HSM users download a new client to ensure continued connection and performance following the migration. For more information see Upgrade Client. If you have additional questions about the migration see the DPoD IDP Migration FAQ. 

Please be aware of the following known issue when using the new login portal: 

Issue: During the login process TOTP authentication can fail and the error message: "Service temporarily unavailable, please try again later" displays.  
Workaround: Click Go back in the user interface and reenter the TOTP or enter a new TOTP. 

Thales Data Protection Demand has updated the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome Identity Platform in the North America region. The Europe region will be migrated on March 8th, 2025. 

This update enables the platform to provide modern authentication options to users while simplifying logins for users that manage multiple tenants on the platform. Feature updates include: 

• Improved login flow 
• Improved registration flow 
• Improved user account management flows 
• Added method to switch between tenants 
• Removed vanity URLs from tenants 
• Removed vanity service provider registration pages 

North America users can now access DPoD through the login portal at https://welcome.dpondemand.io. You will need to register a new MFA token on the initial login.  

We recommend that all Luna Cloud HSM users download a new client to ensure continued connection and performance following the migration. For more information see Upgrade Client. If you have additional questions about the migration see the DPoD IDP Migration FAQ. 

Please be aware of the following known issue when using the new login portal: 

Issue: During the login process TOTP authentication can fail and the error message: "Service temporarily unavailable, please try again later" displays.  
Workaround: Click Go back in the user interface and reenter the TOTP or enter a new TOTP. 

The Thales Data Protection on Demand Terms of Service have been updated. Please review the Terms of Service for more information.

In the upcoming release of FW 3.0 for Luna Cloud HSM, CPv1 will be removed from FIPS firmware support as it is no longer compliant with 140-3. As this only affects FIPS mode, all affected users should use CPv4 or transition service to non-FIPS mode. If Luna Network HSM users want to clone to Luna Cloud HSM with a FIPS partition they will have to use Luna 7.8 or higher. See Universal Cloning for more information.

FW 2.0.5 has been released to all production environments. This release resolves the issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.5
• NA non-FIPS - 2.0.5
• EU FIPS - 2.0.5
• EU non-FIPS - 2.0.5

Added 

Luna Cloud HSM Backup

The issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM has been rectified with FW 2.0.5.

Luna Cloud HSM Datacenters are now configured with a floating IP address. Users should be aware that any client configuration that relies on a static IP address configuration will no longer function. 

Please see the Client Network Connectivity Documentation for information about configuring your client environment. Thales does not recommend using any static IP filtering when accessing the service. Should your configuration require the use of static IP address filtering, please contact Thales Customer Support for more information.

The certificate CA provider for the platform authentication service is being changed to Sectigo, a global leader in digital identity security solutions. The scheduled time for this change is detailed on the DPoD Status Dashboard. 

Please be aware that you may need to update your system's certificates and ensure that CA CRL and OCSP endpoints are reachable in accordance with this change. 

If you require assistance or have any inquiries please contact our Support Team using the Thales Customer Support Portal.

Users can now subscribe to individual components through the Thales Data Protection on Demand Status Page. When you subscribe to updates you can specify the DPoD components, services and regions that you would like to receive updates for. 

To become a subscriber or update your subscription visit the Thales Data Protection on Demand Status Page and click Subscribe to Updates. 

Thales Data Protection on Demand has updated the procedure for purchasing service subscriptions. Services can now be purchased through the subscriptions tab in the DPoD user interface instead of the services tab. This includes subscribing to new services, renewing expiring subscriptions, or adding quantities to an existing subscription. 

For more information see Purchasing a Service Subscription.

An issue was found with the Luna Cloud HSM Support Tool version 1.0.0 where incorrect data was reported for datacentre connectivity in some cases. 

This issue has been fixed with the Luna Cloud HSM Support Tool version 1.0.2.

Luna Cloud HSM Support Tool version 1.0.2 addresses the following bug: 

• LCH-1498 - Support Tool reports incorrect info due to AuthN Changes.