The following section describes the steps for configuring single sign-on (SSO) to Lucidchart. Configuring SAML SSO involves both configuring PingFederate SP connection and the Lucidchart SSO screens.

Note: Configuring SSO is optional for outbound provisioning.

To configure PingFederate for SSO:

  1. Create a new SP connection or select an existing SP connection from the SP Configuration menu.
  2. On the Connection Template screen, select the Use a template for this connection option and choose Lucidchart Connector from the Connection Template drop-down list. You will be asked to provide the metadata.xml file you obtained earlier in Configure Lucidchart for SSO.
    Image of the Connection Template screen.
    Tip: If this selection is not available, verify the connector installation and restart PingFederate.
  3. On the Connection Type screen, ensure that the Browser SSO Profiles checkbox is selected.
  4. On the General Info screen, the default values are taken from the metadata file you selected in an earlier step. We recommend using the metadata default values.
    Image of the General Info screen.
  5. Click Next to continue the Browser SSO configuration. For more information, see the following sections under Identity provider SSO configuration:
  6. On the Browser SSO > SAML Profiles screen, ensure that the IdP-initiated SSO and SP-initiated SSO profiles are selected and click Next.
    An image of the SAML Profiles screen.
  7. On the Browser SSO > Protocol Settings > Allowable SAML Bindings screen, ensure that the POST and Redirect profiles are selected (clear Artifact and SOAP). Click Next.
    An image of the Allowable SAML Bindings screen.
  8. On the Credentials > Digital Signature Settings screen, select the signing certificate.
  9. On the Activation & Summary screen, set Connection Status to ACTIVE, then click Save.