Skip to main content

Integrate your Lucid Enterprise account with an identity provider (IdP) to enable your users to authenticate using SAML single sign-on (SSO) through your IdP. The purpose of this post is to provide instructions on how to configure unofficially supported IdPs to work with Lucid via SAML. 

Before you configure Lucid with an IdP you will need to follow these SAML authentication steps in Lucid:

  1. Select Admin.
  2. Click Security in the left-hand menu.
  3. From the dropdown, select Authentication.
  4. Select Configure to the right of the “Allow SAML authentication” option to navigate to your SAML Activation page in Lucid. You will not be able to enable SAML until you have populated your domain and uploaded metadata.
  5. Under "Lucidchart Sign in URL," enter your Domain name.
    1. Ensure the domain you are using is not already in use, which will cause the XML file to not upload properly.

       

  6. Click Save Changes.
  7. Scroll down on the SAML Activation page of Lucid and click Add Identity Provider to upload the XML file you downloaded from your IDP.
    • The metadata will populate the following fields:

       

  8. Click Test SAML Connection to verify that Lucid is properly communicating with Okta.
    • The connection will only work if the Lucid app has been assigned to your test user in Okta. You can assign the app to users in the Assignments section of the app page.
  9. Navigate back to the Authentication page. 
  10. Check the box next to "Allow SAML authentication".
  11. Click Save changes.

     

To download the XML file and complete the configuration steps in Lucid, please review the post for your IdP below:

Google, JumpCloud, and Ping Identity are not officially supported IdPs, so you may notice that the instructions or screenshots in these posts may become outdated over time.

Testing your SAML Connection

After you have completed the configuration steps in Lucid and in your IdP, click on Test SAML Connection to ensure the configuration is correct. If the test says OK, then SAML has been configured correctly.

Be the first to reply!

Reply