Azure SAML and SCIM Integration

Integrating Lucidchart with Azure enables your users to authenticate using SAML single sign-on through Azure. The following tutorial walks through the process of integrating Azure with Lucidchart.

This feature is only available to Team and Enterprise Accounts. To upgrade, please visit our pricing page or contact our sales team.

Note: You will need admin privileges in both Azure and Lucidchart to complete this integration.

Configuring the SAML Integration

  1. Navigate to https://portal.azure.com.
  2. Select "Azure Active Directory" from the left-sidebar menu.

  3. Select "Enterprise applications" from the "Manage" menu.

  4. Select "New application" at the top of the screen.

  5. Select "All" from the "Categories" menu and then search for "Lucidchart" under the words "Add from the gallery." Select the Lucidchart application.

  6. Select "Add" to install the Lucidchart application.

  7. Select "Configure single sign-on" from the "Quick start" menu.

  8. Select "SAML-based Sign on" for the "Single Sign-on Mode."

  9. Enter "https://lucidchart.com/saml/sso/" followed by your company domain into the "Sign on URL" field (e.g. "https://lucidchart.com/saml/sso/acme.com").

  10. Enter "lucidchart.com" as the "Identifier."

  11. Confirm that "user.userprincipalname" is the "User Identifier."

  12. Select "Save" at the top of the page.
  13. Select "Metadata XML" under the "SAML Signing Certificate" to download the IDP metadata.

  14. Select "Users and groups" from the "Manage" menu. Select and assign users and/or groups to access the Lucidchart application.
  15. In your Lucidchart account, navigate to Team > App Integration > SAML and select "Enable SAML."

  16. Enter your company domain for the "Lucidchart Sign in URL." This domain must match the domain that you provided in step 9.

  17. Enter the Azure metadata downloaded in step 13 into the "Identity Provider Metadata" text box and select "Save."
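
A pre-flight check for steps 9, 13, 16 and 17, added here as an example (it is not Lucidchart's or Microsoft's code): it confirms the sign-on URL is the step 9 prefix plus a bare domain, and lists the entity ID, sign-on endpoints and signing-certificate thumbprints found in the metadata so they can be compared with what the identity provider shows before the XML is pasted. The function names and the sample metadata are constructed for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
SSO_PREFIX = "https://lucidchart.com/saml/sso/"  # prefix given in step 9

def sign_on_url_ok(url, domain):
    """Steps 9 and 16: the URL is the prefix plus the bare company domain."""
    if not re.fullmatch(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+", domain):
        return False  # a scheme, path or trailing slash was entered
    return url == SSO_PREFIX + domain

def inspect_idp_metadata(xml_text):
    """Steps 13 and 17: report what the metadata asks Lucidchart to trust."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in SAML metadata")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("root element is not a SAML EntityDescriptor")
    idp = root.find(f"{{{MD}}}IDPSSODescriptor")
    if idp is None:
        raise ValueError("no IDPSSODescriptor, so this is not IdP metadata")
    sso = [e.get("Location", "") for e in idp.findall(f"{{{MD}}}SingleSignOnService")]
    if not sso or not all(loc.startswith("https://") for loc in sso):
        raise ValueError("missing or non-HTTPS single sign-on endpoint")
    thumbprints = []
    for kd in idp.findall(f"{{{MD}}}KeyDescriptor"):
        if kd.get("use") in (None, "signing"):
            for cert in kd.iter(f"{{{DS}}}X509Certificate"):
                der = base64.b64decode("".join((cert.text or "").split()))
                # Windows-style thumbprint: SHA-1 over the DER bytes
                thumbprints.append(hashlib.sha1(der).hexdigest().upper())
    if not thumbprints:
        raise ValueError("no signing certificate in the metadata")
    return {"entity_id": root.get("entityID"), "sso": sso, "thumbprints": thumbprints}

# Constructed sample: placeholder bytes stand in for a real DER certificate.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{MD}" entityID="https://idp.example/constructed">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><KeyInfo xmlns="{DS}"><X509Data>
      <X509Certificate>{base64.b64encode(SAMPLE_DER).decode()}</X509Certificate>
    </X509Data></KeyInfo></KeyDescriptor>
    <SingleSignOnService Location="https://idp.example/saml2"
      Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""
```

Read the downloaded metadata file as text and pass it to `inspect_idp_metadata`; a `ValueError` means the file should not be pasted as-is.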


Configuring the SCIM Integration

  1. Navigate to https://portal.azure.com.
  2. Select “Azure Active Directory” from the left-sidebar menu.

  3. Select “Enterprise applications” from the “Manage” menu.

  4. Select the Lucidchart application and select “Provisioning” from the “Manage” menu.

  5. Change the Provisioning Mode from “Manual” to “Automatic.”

  6. In your Lucidchart account, navigate to Team > App Integration > SCIM and generate a new SCIM Bearer Token.

  7. Insert the Lucidchart Bearer Token into the “Secret Token” field and then select “Test Connection.”

  8. Turn Provisioning status “On” and select “Save.”


Setting Up Lucidchart within Azure

To get started, you will first need to add Lucidchart to your applications in Azure.

  1. Log into the Azure admin panel and select ‘Active Directory’ from the menu on the left. You may need to scroll down to locate ‘Active Directory.’

  2. Select the directory where you would like to install the Lucidchart application.

  3. After accessing the directory, select ‘Applications’ from the menu at the top of the directory.

  4. Select the ‘Add’ button at the bottom of the Applications page.

  5. Select ‘Add an application from the gallery.’

  6. Enter Lucidchart into the search bar and press enter or select the search icon.

  7. Select Lucidchart from the search menu and select the check box in the bottom-right corner.


Configuring the Classic SAML Integration

  1. Navigate to https://manage.windowsazure.com/.
  2. Select ‘Configure Single sign-on’ from the Lucidchart application page in Azure.

  3. Select ‘Microsoft Azure AD Single Sign-On’ from the configuration dialogue and then select the arrow at the bottom-right of the dialogue to continue.

  4. Next we will need to retrieve the Lucidchart sign-on URL from Lucidchart and insert it into Azure. Log in as your Lucidchart admin user in a new window or tab and select ‘Team’ from the top of the screen.

  5. Navigate to the ‘App Integration’ page.

  6. Select ‘SAML’ on the integrations page.

  7. Select ‘Enable SAML Integration’ at the top of the page.

  8. Enter your account domain in the ‘Domain’ field under the ‘Lucidchart Sign in URL’ section. Be sure to enter in just the domain, not a full URL. This domain must match the domain associated with your Active Directory in Azure.

  9. Copy the Lucidchart Sign in URL and paste the URL in the ‘Sign On URL’ field in Azure. The URL should look like https://lucidchart.com/saml/sso/yourdomain.com. After entering the URL, select the next arrow at the bottom-right of the dialogue.

  10. Next we will download the Azure metadata and insert it into Lucidchart. Select ‘Download metadata’ from the dialogue. Open the metadata file in a text editor and copy all of the text.

  11. In the Lucidchart SAML integration page, paste all of the metadata text into the text box under ‘Identity Provider Metadata’ and select ‘Save changes.’

  12. Return to the Azure configuration dialogue and check the box at the bottom of the dialogue confirming that you’ve completed the Lucidchart SAML configuration. Select the next arrow at the bottom-right of the dialogue.


Assigning Users to Lucidchart

  1. Next we will assign users to the Lucidchart app. Select ‘Assign accounts’ on the Lucidchart app page in Azure.

  2. Select the user you would like to grant access to Lucidchart.

  3. Select ‘Assign’ at the bottom of the screen and select ‘Yes’ to confirm your selection.


 
