Azure SAML and SCIM Integration

Integrating Lucidchart with Azure enables your users to authenticate using SAML single sign-on through Azure. Azure also offers a SCIM connection that allows you to provision users in your IDP. The following tutorial walks through the process of integrating Azure with Lucidchart.

This feature is only available to Enterprise Accounts. To upgrade, please visit our pricing page or contact our sales team.

Note: You will need admin privileges in both Azure and Lucidchart to complete this integration.

  1. Navigate to https://portal.azure.com.
  2. Select "Azure Active Directory" from the left-sidebar menu.

  3. Select "Enterprise applications" from the "Manage" menu.

  4. Select "New application" at the top of the screen.

  5. Select "All" from the "Categories" menu and then search for "Lucidchart" under the words "Add from the gallery." Select the Lucidchart application.

  6. Select "Add" to install the Lucidchart application.

  7. Select "Configure single sign-on" from the "Quick start" menu.

  8. Select "SAML-based Sign on" for the "Single Sign-on Mode."

  9. Enter "https://lucidchart.com/saml/sso/" followed by your company domain into the "Sign on URL" (e.g. "https://lucidchart.com/saml/sso/acme.com").

  10. Enter "lucidchart.com" as the "Identifier."

  11. Confirm that "user.userprincipalname" is the "User Identifier."

  12. Select "Save" at the top of the page.
  13. Select "Metadata XML" under the "SAML Signing Certificate" to download the IDP metadata.

  14. Select "Users and groups" from the "Manage" menu. Select and assign users and/or groups to access the Lucidchart application.
  15. In your Lucidchart account, navigate to Team > App Integration > SAML and select "Enable SAML."

  16. Enter your company domain for the "Lucidchart Sign in URL." This domain must match the domain that you provided in step 9.

  17. Upload the Azure metadata that you downloaded in step 13 into Lucidchart.
  18. To enable new user creation for users assigned to the application, you will need to navigate to the "Properties" tab in your Lucidchart application page within Azure. From there, scroll to the bottom of the page and toggle "User Assignment Required to Access Application" to "Off."
  19. You can enable SCIM with Azure by clicking on the Provisioning tab and following Lucidchart's General Steps for Configuring SCIM. Please note that the Lucidchart app for Azure supports auto-provisioning with SCIM but not auto-licensing. Please see the Auto-Provisioning and Auto-Licensing article to learn about the difference.



