--- title: Configure PingFederate for SSO description: The following section describes the steps for configuring single sign-on (SSO) to Lucidchart. Configuring SAML SSO involves both configuring PingFederate SP connection and the Lucidchart SSO screens. component: lucidchart page_id: lucidchart:setup:pf_lucidchart_connector_configure_pf_for_sso canonical_url: https://docs.pingidentity.com/integrations/lucidchart/setup/pf_lucidchart_connector_configure_pf_for_sso.html revdate: June 21, 2024 section_ids: about-this-task: About this task steps: Steps --- # Configure PingFederate for SSO ## About this task The following section describes the steps for configuring single sign-on (SSO) to Lucidchart. Configuring SAML SSO involves both configuring PingFederate SP connection and the Lucidchart SSO screens. | | | | - | ------------------------------------------------------ | | | Configuring SSO is optional for outbound provisioning. | To configure PingFederate for SSO: ## Steps 1. Create a new SP connection or select an existing SP connection from the SP Configuration menu. 2. On the Connection Template screen, select the Use a template for this connection option and choose Lucidchart Connector from the Connection Template drop-down list. You will be asked to provide the `metadata.xml` file you obtained earlier in [Configure Lucidchart for SSO](pf_lucidchart_connector_configure_lucidchart_for_sso.html). ![Image of the Connection Template screen.](_images/acx1563995472841.png) | | | | - | ----------------------------------------------------------------------------------------------- | | | If this selection is not available, verify the connector installation and restart PingFederate. | 3. On the Connection Type screen, ensure that the Browser SSO Profiles checkbox is selected. 4. On the General Info screen, the default values are taken from the metadata file you selected in an earlier step. We recommend using the metadata default values. ![Image of the General Info screen.](_images/gft1563995477063.png) 5. Click Next to continue the Browser SSO configuration. For more information, see the following sections under [Identity provider SSO configuration](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_ident_provid_sso_config.html): * [Managing IdP adapters](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_managing_idp_adapters.html) * [Configure IdP Browser SSO](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_spbrowserssostate.html) * [Configuring credentials](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_credentialsstate.html) 6. On the **Browser SSO > SAML Profiles** screen, ensure that the IdP-initiated SSO and SP-initiated SSO profiles are selected and click Next. ![An image of the SAML Profiles screen.](_images/ykh1563995477812.png) 7. On the **Browser SSO > Protocol Settings > Allowable SAML Bindings** screen, ensure that the POST and Redirect profiles are selected (clear Artifact and SOAP). Click Next. ![An image of the Allowable SAML Bindings screen.](_images/cxl1563995478475.png) 8. On the **Credentials > Digital Signature Settings** screen, select the signing certificate. 9. On the Activation & Summary screen, set Connection Status to ACTIVE, then click Save.