Thales Data Protection Demand has updated the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome Identity Platform in the Europe region. The North America region was migrated on February 22nd, 2025. 

This update enables the platform to provide modern authentication options to users while simplifying logins for users that manage multiple tenants on the platform. Feature updates include: 

• Improved login flow 
• Improved registration flow 
• Improved user account management flows 
• Added method to switch between tenants 
• Removed vanity URLs from tenants 
• Removed vanity service provider registration pages 

North America users can now access DPoD through the login portal at https://welcome.dpondemand.io. You will need to register a new MFA token on the initial login.  

We recommend that all Luna Cloud HSM users download a new client to ensure continued connection and performance following the migration. For more information see Upgrade Client. If you have additional questions about the migration see the DPoD IDP Migration FAQ. 

Please be aware of the following known issue when using the new login portal: 

Issue: During the login process TOTP authentication can fail and the error message: "Service temporarily unavailable, please try again later" displays.  
Workaround: Click Go back in the user interface and reenter the TOTP or enter a new TOTP. 

Thales Data Protection Demand has updated the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome Identity Platform in the North America region. The Europe region will be migrated on March 8th, 2025. 

This update enables the platform to provide modern authentication options to users while simplifying logins for users that manage multiple tenants on the platform. Feature updates include: 

• Improved login flow 
• Improved registration flow 
• Improved user account management flows 
• Added method to switch between tenants 
• Removed vanity URLs from tenants 
• Removed vanity service provider registration pages 

North America users can now access DPoD through the login portal at https://welcome.dpondemand.io. You will need to register a new MFA token on the initial login.  

We recommend that all Luna Cloud HSM users download a new client to ensure continued connection and performance following the migration. For more information see Upgrade Client. If you have additional questions about the migration see the DPoD IDP Migration FAQ. 

Please be aware of the following known issue when using the new login portal: 

Issue: During the login process TOTP authentication can fail and the error message: "Service temporarily unavailable, please try again later" displays.  
Workaround: Click Go back in the user interface and reenter the TOTP or enter a new TOTP. 

Thales Data Protection on Demand (DPoD) audit logs for Luna Cloud HSM and CipherTrust Data Security Platform as a Service (CDSPaaS) service instances are now available through the tenant user interface. You can generate, review, and download audit logs for services in your tenant using your tenants Logs page. For more information about viewing and downloading audit logs through the tenant user interface see Audit Logging.

FW 2.0.5 has been released to all production environments. This release resolves the issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.5
• NA non-FIPS - 2.0.5
• EU FIPS - 2.0.5
• EU non-FIPS - 2.0.5

Added 

Luna Cloud HSM Backup

The issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM has been rectified with FW 2.0.5.

The certificate CA provider for the platform authentication service is being changed to Sectigo, a global leader in digital identity security solutions. The scheduled time for this change is detailed on the DPoD Status Dashboard. 

Please be aware that you may need to update your system's certificates and ensure that CA CRL and OCSP endpoints are reachable in accordance with this change. 

If you require assistance or have any inquiries please contact our Support Team using the Thales Customer Support Portal.

The Service Provider Tenant Usage Report and the associated tenants/usageReport, tenants/usageDetails, and service_instances/usageDetails endpoints have been removed from the platform.

As an alternative use the Service Report in the DPoD service provider tenant or the /v1/service_instances/usageBillingReport endpoint, and the  /v1/backoffice/serviceAgreements{tenantId} endpoint to compile tenant usage information.

Thales Data Protection on Demand has updated the procedure for purchasing service subscriptions. Services can now be purchased through the subscriptions tab in the DPoD user interface instead of the services tab. This includes subscribing to new services, renewing expiring subscriptions, or adding quantities to an existing subscription. 

For more information see Purchasing a Service Subscription.

Thales Data Protection on Demand launched the DPoD Public Marketplace. The public marketplace is available at https://market.dpondemand.io.

The following public marketplace endpoints are now available:

• GET /service_types
• GET /service_types/ {id}
• GET /service_categories
• GET /service_categories/{id}

For more information about the DPoD API see Using the API and the DPoD Platform API.

An issue was found with the Luna Cloud HSM Support Tool version 1.0.0 where incorrect data was reported for datacentre connectivity in some cases. 

This issue has been fixed with the Luna Cloud HSM Support Tool version 1.0.2.

Luna Cloud HSM Support Tool version 1.0.2 addresses the following bug: 

• LCH-1498 - Support Tool reports incorrect info due to AuthN Changes.

FW 2.0.2 has been released to all production environments. This release resolves an issue that prevented cloning objects between two Luna Cloud HSM partitions when using the 10.5 client.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.2
• NA non-FIPS - 2.0.2
• EU FIPS - 2.0.2
• EU non-FIPS - 2.0.2

FW 2.0.2 includes the following bug fixes:

• LCH-489 - CPv4 Cloning command permissions incorrect for pre-FW-2.0 partitions.
• DPS-10104 - Luna Cloud HSM Partition Cloning Fails with the 10.5 Client

  Cloning keys between two Luna Cloud HSM partitions fails when using the 10.5 client. There are currently two possible workaround scenarios.
  -> Workaround #1 - If there is a Luna SA7 (or any other separate device to use as an intermediary for the cloning) then clone to and from that device.

  -> Workaround #2 - If there is no separate device then completely uninstall the 10.5 client and install the 10.4 client from scratch. For this option please raise a support ticket to the Thales Customer Support portal to request to join the 2 partitions together as the 10.4 client does not support dynamic partition loading.