Integrating Lucidchart with Okta enables your users to authenticate using SAML single sign-on through Okta. Furthermore, our SCIM integration allows admins to create, provision, and deprovision users within Okta itself, without having to sign in to Lucidchart. The following tutorial walks through the process of integrating Okta with Lucidchart. You will need admin privileges in both Okta and Lucidchart to complete this integration.
- To get started, first add Lucidchart to your Okta Application Network and generate the Okta metadata for Lucidchart. Log in to Okta and select the blue “Admin” button in the top right corner of the dashboard.
- Select “Add Applications” from the shortcut menu on the right side of the admin dashboard.
- Search for Lucidchart in the applications search bar and select “Add” on the Lucidchart application.
- Enter your domain on the General Settings page and select “Next” in the bottom right. Be sure to only enter your domain, not a full URL.
- Navigate to the "Assign to People" page and assign Lucidchart to your entire organization by choosing “Select All.” Then select “Next.”
Note: This will not automatically provision users within Lucidchart.
- The page you are directed to simply confirms that the Okta username will be utilized to authenticate users into Lucidchart. Select “Done” to finish adding the app.
- Now Lucidchart has been added to your Okta Application Network. Next, you need to retrieve the Okta metadata to link your Lucidchart and Okta accounts. After you add the application, Okta will direct you to the People settings page for the newly added Lucidchart application. Select “Sign On” to complete the integration.
- From the Applications menu, click on the Lucidchart app to view the settings.
- On the Sign-On Options page, change the selection from "Secure Web Authentication" to "SAML 2.0."
- With SAML 2.0 selected, click “View Setup Instructions” to access the Okta metadata. This metadata instructs Lucidchart on how to communicate with Okta.
- Okta will open a new page that includes the Lucidchart metadata. Copy all of the code found under step 2 of the Instructions page.
- Now use the Okta metadata to configure the SAML integration in Lucidchart. To start, open up a second browser tab, log in to your Lucidchart account, and select “Team” at the top of the screen.
- Navigate to the “App Integration” panel.
- Select “SAML” on the integrations page.
- Select “Enable SAML Integration.”
- Enter your account domain in the Domain field under the Lucidchart Sign in URL section. Be sure to enter just the domain, not a full URL.
- In the Identity Provider Metadata section, paste the Okta metadata into the text box and select “Save changes.”
- Now your Lucidchart account will support SAML single sign-on authentication through Okta.
- Must be part of an Enterprise subscription on an up-to-date pricing plan. To upgrade, please see our pricing page.
- Must have "auto-upgrades" turned on. To enable "auto-upgrade," go to Team > Licensing.
- From the top of the page, select Team > App Integration > SCIM.
- Click the “Generate token” button to create a unique code that is shared between Lucidchart and Okta. Copy the bearer token to your clipboard.
- Return to Okta and log in as an administrator. In the Admin area, go to the Applications menu and click on the Lucidchart application.
- Select the checkbox “Enable provisioning features.”
- Paste the bearer token you generated in Lucidchart into the API Token field. Click “Test API Credentials” to validate the connection. Select the integration points you would like to enable.
- Here's the entire provisioning process in action. This video demonstrates the following:
- Create a new group called Software Engineering.
- Make Lucidchart a default application for the Software Engineering Group.
- Add two users in Okta to the Software Engineering group.
- Watch those two users appear as created, licensed accounts within Lucidchart.