Lucidchart and SAML

SAML integration is offered to all Enterprise accounts in order to provide users a single sign-on experience with Lucidchart. To upgrade to Enterprise, please visit our pricing page or contact our sales team.

As an Account Owner, you can configure SAML with Lucidchart by following the steps below:

  1. Log in to your Lucidchart account, and select 'Team' at the top of the screen.

  2. Navigate to the ‘App Integration’ panel.

  3. Select ‘SAML’ on the integrations page.

  4. Select ‘Enable SAML Integration’ at the top of the page.

  5. Enter your Lucidchart account domain in the ‘Domain’ field under the ‘Lucidchart Sign in URL’ section. Be sure to enter the domain only, not a full URL. The SAML integration will use your domain to generate a Lucidchart sign-in URL that you will supply to your identity provider. For example, if you enter 'acme.com' as your domain, the URL will be www.lucidchart/saml/sso/acme.com. A user may go directly to this URL to initiate SAML single sign-on.

  6. Open your identity provider's metadata XML file using a text editor. Copy the text from the XML file and paste it into the text box under ‘Identity Provider Metadata’ and select ‘Save changes’.


Lucidchart SAML integration is now complete. Your Lucidchart account will support SAML single sign-on authentication through your identity provider.

The attributes we expect to receive are:

  • first name
  • last name
  • email

There are two naming conventions that we support for receipt of these attributes:

  • User.FirstName
  • User.LastName
  • User.Email

or the OID format:

  • urn:oid:2.5.4.42 (first)
  • urn:oid:2.5.4.4 (last)
  • urn:oid:0.9.2342.19200300.100.1.3 (email)

We also strongly prefer that the email be sent in the NameID field, but can work with other values if required.
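
Before pointing users at the sign-in URL, it helps to confirm that a test assertion from your identity provider carries the attributes listed above. The following is an added example, not Lucidchart's own code: it checks a decoded assertion against both naming conventions and the NameID preference. The sample assertion is constructed, and the check that NameID matches the email attribute is an assumption of this example.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# The two supported naming conventions, keyed by the field each name carries.
CONVENTIONS = {
    "friendly": {"first": "User.FirstName", "last": "User.LastName",
                 "email": "User.Email"},
    "oid": {"first": "urn:oid:2.5.4.42", "last": "urn:oid:2.5.4.4",
            "email": "urn:oid:0.9.2342.19200300.100.1.3"},
}

def check_assertion(xml_text):
    """Return (convention, fields, problems) for one decoded assertion.
    Checks attribute naming only; it does not validate the signature."""
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        value = attr.findtext("saml:AttributeValue", default="", namespaces=NS)
        attrs[attr.get("Name")] = value.strip()
    name_id = root.findtext(".//saml:Subject/saml:NameID", default="",
                            namespaces=NS).strip()
    # Pick the convention that matches the most non-empty attributes.
    best, fields = None, {}
    for conv, names in CONVENTIONS.items():
        found = {f: attrs[n] for f, n in names.items() if attrs.get(n)}
        if len(found) > len(fields):
            best, fields = conv, found
    problems = []
    if best is None:
        problems.append("no attribute uses a supported name")
    else:
        problems += [f"missing or empty: {n}"
                     for f, n in CONVENTIONS[best].items() if f not in fields]
    if "@" not in name_id:
        problems.append("NameID is not an email address")
    elif fields.get("email", name_id).lower() != name_id.lower():
        problems.append("NameID differs from the email attribute")
    return best, fields, problems

# Constructed sample assertion (unsigned, for illustration only).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Subject><saml:NameID>ada@acme.com</saml:NameID></saml:Subject>
 <saml:AttributeStatement>
  <saml:Attribute Name="urn:oid:2.5.4.42"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="urn:oid:2.5.4.4"><saml:AttributeValue>Lovelace</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3"><saml:AttributeValue>ada@acme.com</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    print(check_assertion(SAMPLE))
```

An empty problems list means the assertion uses one convention consistently and sends the email as NameID.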