New LucidLink Single Sign-On (SSO) SAML 2.0: Integration with Okta

Target audience: Workspace administrators

This article is part of the New LucidLink Single Sign-On (SSO) SAML 2.0 implementation series of articles.

Requirements

  • Organization email domain configured and verified in the LucidLink Application or Webportal for your Workspace. Please use this article for the domain setup.
  • Admin access to create the app in your Identity Provider's Admin Console.

Setup instructions

1. Start the integration within the LucidLink Application or Webportal

From the LucidLink Application or Webportal, click on the 3-dot menu next to the Workspace name and click on SSO Integration. Then click on the Set Up SSO button.

Obtain the values from the following 2 fields from the SSO configuration page to put into your IdP Admin Console in the next step:

  • Service Provider Consumer URL
  • Service Provider entity ID

2. Create a LucidLink app within the Okta Admin Console

If your Okta application is already created, choose it from the Application list and skip to step 3, Configure the LucidLink app within the Okta Admin Console.

From your Okta Admin Console, click Applications from the left navigation menu.

Click the Create App Integration button to create a new application.

Choose SAML 2.0 from the next screen and click Next.

Give the App a name and click Next:

3. Configure the LucidLink app within the Okta Admin Console

Enter the following values in the SAML Settings panel:

  • Single sign-on URL: the Service Provider Consumer URL value from the LucidLink SSO Integration page.
  • Audience URI (SP Entity ID): the Service Provider entity ID value from the LucidLink SSO Integration page.
  • Name ID format: select EmailAddress from the dropdown.

Scroll down to the Attribute Statements (optional) section, add the following attribute, and then click Next.

  • Name: email
  • Name format (optional): Unspecified
  • Value: user.email

On the next screen, select It's required to contact the vendor to enable SAML and click Finish.

On the Application Sign On page, expand the More Details section under the Metadata details section.

Obtain the values from the following 2 fields to put into the LucidLink SSO Integration tab in the next step:

  • Sign on URL
  • Issuer

Click the Download button next to the Signing Certificate line.

4. Finish the integration within the LucidLink SSO Integration tab

Enter the 2 fields from the Okta Admin Console into the LucidLink SSO Integration tab:

  • Single Sign-On URL (Sign on URL from the last step in Okta)
  • Identity Provider entity ID (Issuer URL from the last step in Okta)

Then upload the Identity provider certificate and click Save.

You have done it!

You should now see the Okta SSO setup in the LucidLink SSO Integration tab. You will need to select your authentication settings and then download the SSO Key to distribute to any users needing to authenticate to your Workspace via SSO.

Add users and groups to your app within the Okta Admin Console

You will need to assign your Okta users and groups to the new LucidLink app within the Okta Admin Portal before the users can authenticate within the LucidLink Application or Webportal.
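
The check below is an added example, not LucidLink or Okta code: it compares a decoded SAML Response captured from your own test login against the values exchanged in steps 1 to 4, so a mistyped Audience URI, Single sign-on URL, Name ID format or email attribute is reported by name. The URLs and the sample XML are constructed placeholders, and the check does not verify the XML signature; that is the service provider's job using the certificate uploaded in step 4.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
# Constructed placeholders: substitute the values copied in steps 1 and 3.
EXPECTED = {
    "acs_url": "https://sp.example.invalid/saml/acs",     # Service Provider Consumer URL
    "sp_entity_id": "https://sp.example.invalid/entity",  # Service Provider entity ID
    "idp_issuer": "https://idp.example.invalid/issuer",   # Issuer shown in Okta
}
# Constructed sample of a decoded SAML Response (signature elements omitted).
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion"
 Destination="https://sp.example.invalid/saml/acs">
 <a:Issuer>https://idp.example.invalid/issuer</a:Issuer>
 <a:Assertion>
  <a:Issuer>https://idp.example.invalid/issuer</a:Issuer>
  <a:Subject>
   <a:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</a:NameID>
   <a:SubjectConfirmation><a:SubjectConfirmationData Recipient="https://sp.example.invalid/saml/acs"/></a:SubjectConfirmation>
  </a:Subject>
  <a:Conditions><a:AudienceRestriction><a:Audience>https://sp.example.invalid/entity</a:Audience></a:AudienceRestriction></a:Conditions>
  <a:AttributeStatement><a:Attribute Name="email"><a:AttributeValue>user@example.com</a:AttributeValue></a:Attribute></a:AttributeStatement>
 </a:Assertion>
</p:Response>"""

def check_response(xml_text, expected):
    """Return a list of mismatches between a decoded SAML Response and the configured values."""
    root = ET.fromstring(xml_text)
    asr = root.find("a:Assertion", NS)
    if asr is None:
        return ["no unencrypted Assertion element found"]
    nameid = asr.find("a:Subject/a:NameID", NS)
    scd = asr.find("a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)
    emails = [v.text for v in asr.findall(
        "a:AttributeStatement/a:Attribute[@Name='email']/a:AttributeValue", NS)]
    checks = [
        ("Issuer", asr.findtext("a:Issuer", "", NS), expected["idp_issuer"]),
        ("Audience", asr.findtext("a:Conditions/a:AudienceRestriction/a:Audience", "", NS),
         expected["sp_entity_id"]),
        ("Recipient", scd.get("Recipient") if scd is not None else None, expected["acs_url"]),
        ("Destination", root.get("Destination"), expected["acs_url"]),
        ("NameID Format", nameid.get("Format") if nameid is not None else None, EMAIL_FORMAT),
    ]
    problems = [f"{n}: got {got!r}, expected {want!r}" for n, got, want in checks if got != want]
    if not any(emails):
        problems.append("attribute 'email' is missing or empty")
    return problems
```

An empty list means every configured value matches; each entry otherwise names the field to recheck in the Okta SAML Settings panel or the LucidLink SSO Integration tab.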