PingOne for Enterprise

Adding Lucidchart to Your PingOne for Enterprise Dock

Add the Lucidchart application your PingOne for Enterprise Dock from the application catalog.

Steps

  1. In the PingOne for Enterprise admin console, go to Applications → Application Catalog.

  2. Optional: In the Search field, search for the application.

  3. Click the Lucidchart application line to expand it and click Setup.

Next steps

Click Continue to Next Step.

Lucidchart Connection Configuration

Steps

  1. Import the metadata for Lucidchart:

    Choose from:

    • Click Select File to upload the metadata file.

    • Click Or use URL to enter the URL of the metadata.

  2. In the ACS URL field, replace the $\{domain.name} with your Lucidchart domain.

  3. In the Entity ID field, enter your entity ID.

    The pre-populated value for this field should work for most configurations.

  4. In the Target Resource field, enter a URL to redirect the user to after IdP-initiated single sign-on (SSO).

  5. In the Single Logout Endpoint field, enter a URL for PingOne to send single logout (SLO) requests to.

  6. In the Single Logout Response Endpoint field, enter a URL for PingOne to send SLO responses to.

  7. To add a Primary Verification Certificate, click Browse to locate and upload a local certificate file used to verify SLO requests and responses coming from Lucidchart.

  8. To add a Secondary Verification Certificate, click Browse to locate and upload a local certificate used to verify SLO requests and responses if the primary certificate fails.

  9. Select the Force Re-authentication check box to require your identity bridge to re-authenticate users with an active SSO session.

  10. Select the Encrypt Assertion check box to encrypt outgoing SAML assertions.

  11. On the Signing line:

    Choose from:

    • Click Sign Assertion to have PingOne sign outgoing SAML assertions. This is the default option.

    • Click Sign Response to have PingOne sign responses to incoming SAML assertions.

  12. From the Signing Algorithm list, select an algorithm with which to sign SAML assertions.

  13. Select the Use Custom URL check box to enter a customer URL to launch Lucidchart from the dock.

  14. Select the Set Up Provisioning check box to configure user provisioning to Lucidchart.

Next steps

Click Continue to Next Step.

Lucidchart Provisioning

About this task

If you don’t need to set up user provisioning, proceed to Lucidchart Attribute Mapping.

If you selected Set Up Provisioning on the Connection configuration tab:

Steps

  1. Click Continue to Next Step.

  2. Obtain your Lucidchart base URL and bearer token.

    1. In a separate tab or window, sign on to your Lucidchart account as an administrative user.

    2. In Lucidchart, go to Team → App Integration → SCIM.

    3. Click Generate Token.

      Result:

      Lucidchart will display your Base URL and Bearer Token values.

  3. In PingOne, in the BASE_URL field, enter your Lucidchart base URL.

  4. In the BEARER_TOKEN field, enter your bearer token value.

  5. From the REMOVE_ACTION list, select the action Lucidchart will take when you delete or disable a user in PingOne.

    Choose from:

    • Select Disable to have Lucidchart disable a user that you have disabled or deleted in PingOne.

    • Select Delete to have Lucidchart delete a user that you have disabled deleted in PingOne.

Next steps

Click Continue to Next Step.

Lucidchart Attribute Mapping

About this task

PingOne will automatically populate required SAML attributes.

For Lucidchart, the following attributes are required for SSO:

  • SAML_SUBJECT

  • User.FirstName

  • User.Lastname

If you enabled provisioning, the following attributes are required for provisioning:

  • userName. This attribute cannot be changed once set.

  • workEmail.

  • givenName.

  • familyName.

Steps

  1. To add an additional optional attribute, click Add new attribute.

  2. In the Application Attribute field, enter the attribute name as it appears in the application.

  3. In the Identity Bridge Attribute or Literal Value field, choose one of the following:

    Choose from:

    • To map to the application attribute: Enter or select a directory attribute.

    • To assign to the application attribute: Select As Literal, then enter a literal value.

  4. To create advanced attribute mappings, click Advanced.

    For more information, see Create advanced attribute mappings.

Next steps

Click Continue to Next Step.

Lucidchart Customization

Steps

  • To change the application icon, click Select image and upload a local image file.

    The image file must be:

    • PNG, GIF, or JPG format

    • 312 x 52 pixels maximum

    • 2 MB maximum file size

      Images are scaled to 64 x 64 pixels for display.

  • To change the name of the application displayed on the dock, in the Name field, enter a new name.

  • To change the description of the application, in the Description field, enter the new description text.

  • To change the category to which the application is assigned on the dock, in the Category list, select a category.

    For information about creating custom application categories, see Creating a custom application category.

Next steps

Click Continue to Next Step.

Lucidchart Group Access

About this task

The Group Access tab shows every user group that you have created.

For more information about creating user groups, see Add user groups.

Steps

  • To add a group’s access to the application, on the line for that group, click Add.

  • To remove a group’s access, on the line for that group, click Remove.

  • When you’re finished assigning groups, click Continue to Next Step.

Next steps

Click Continue to Next Step.

Lucidchart SAML Connection

About this task

For more information about establishing a SAML connection to Lucidchart, see SAML Overview in the Lucid Help Center documentation.

Steps

  1. On the Review Setup tab, go to the SAML Metadata line and click Download to download the PingOne metadata.

  2. Sign on to Lucidchart as an administrative user.

  3. Go to Team → Admin → App Integration → SAML.

  4. Select the Enable SAML check box.

  5. Under Lucidchart Sign In URL, in the Domain field, enter your Lucidchart account domain.

  6. Under Identity Providers, click Add Identity Provider.

  7. In a plain text editor, open the PingOne metadata file you downloaded in step 1.

  8. Copy the contents of the metadata file, and paste it into the Identity Provider Metadata field.

  9. In the Identity Provider Name, enter a name for the connection.

  10. From the Product list, select Lucidchart.

  11. Click Add Provider.

  12. Under Download Service Provider Metadata, click Save Changes.

  13. In PingOne, click Finish to complete your configuration and add Lucidchart to your PingOne Dock.