OneLogin SAML and SCIM Integration

Integrating Lucidchart with OneLogin enables your users to securely authenticate using SAML single sign-on through OneLogin. Our SCIM integration allows admins to create users and provision and deprovision users within OneLogin itself, without having to sign in to Lucidchart. The following tutorial walks through the process of integrating OneLogin with Lucidchart. This feature is only available to Enterprise accounts. Please see our pricing page to upgrade or contact our sales team.

You will need admin privileges in both Lucidchart and OneLogin to complete this process.

  1. Log in to your OneLogin account. Go to the Apps menu at the top of the page and click “Add Apps.” Search for Lucidchart and add the app.

    Search for Lucidchart in Onelogin
  2. Once you’ve added the Lucidchart app to your OneLogin account, go to the SSO tab in the app’s details and download the Issuer URL metadata.

    Download Meta Data
  3. Log in to your Lucidchart account and go to Team > App Integration > SAML.

    Access Team Settings
  4. Check the box to enable SAML for your account.

    Enable SAML
  5. Enter your domain information in the next field. Add your domain for SAML setup
  6. Paste the metadata copied from OneLogin into the field and click to save.

You should now be able to use SAML to log in to your Lucidchart account. If you want to test this, open up a new browser session (use an incognito or private browsing window) and go to the Lucidchart Sign-in URL (SP initiated URL), see step 5 above. You should be redirected to OneLogin. Once you enter your credentials, you should be directed to the Lucidchart Documents Page.

In order to have SCIM set up on your account, you must:

  1. Log in to your Lucidchart account as an account owner and go to your Account settings page. Click on “Subscription Level” to double check that you are on an Enterprise subscription.

    Check Subscription in Lucidchart
  2. Once you’re on the Subscription Level page, make sure the auto-upgrade option is checked. This setting is required for SCIM provisioning and deprovisioning to work.
  3. Navigate to Team > App Integrations > SCIM.

    SCIM App Integrations
  4. Return to OneLogin and log in as an administrator. Click on the Apps menu found at the top of the page, and search for Lucidchart SCIM.
  5. Once you’ve installed the Lucidchart SCIM app on OneLogin, go to the Configuration tab under the app. You can now reference the SCIM page on Lucidchart and paste in the bearer token and base URL.

    One Login Config
  6. Go to the Rules tab and ensure the user role is properly set up to grant Lucidchart edit access to anyone who is a member of that role. Selecting “Set User can edit charts” and “Yes - Licensed user” in order to grant the user edit access when they are provisioned into that role.

    OneLogin Rules
  7. Go to the Provisioning tab to ensure that you are set up to enable provisioning for Lucidchart SCIM.

    Enable provisioning

Related Articles
Lucidchart and SAML
Active Directory Federation Services (ADFS) SAML Integration
Okta SAML and SCIM Integration
Azure SAML and SCIM Integration