New LucidLink Single Sign-On (SSO) SAML 2.0: Generic Identity Provider Settings

Target audience: Workspace administrators

This article is part of the New LucidLink Single Sign-On (SSO) SAML 2.0 implementation series of articles.

Requirements

  • Organization email domain configured and verified in the LucidLink Application or Webportal for your Workspace. Please use this article for the domain setup.
  • Admin access to create the app in your Identity Provider's Admin Console.

LucidLink’s SAML 2.0 implementation supports Service Provider (SP)-initiated logins only. IdP-initiated login flows (where a user starts authentication directly from the Identity Provider dashboard and is then redirected into LucidLink) are not supported.

Setup instructions

1. Start the integration within the LucidLink Application or Webportal

From the LucidLink Application or Webportal, click on the 3-dot menu next to the Workspace name and click on SSO Integration. Then click on the Set Up SSO button.

Copy the values of the following 2 fields from the SSO configuration page; you will enter them in your IdP Admin Console in the next step:

  • Service Provider Consumer URL
  • Service Provider entity ID

2. Create a LucidLink app within your IdP Admin Console

Every Identity Provider's console is different and will label and order things differently.

In general, however, you will need the 2 fields obtained from the LucidLink Application in the last step:

  • Service Provider Consumer URL
  • Service Provider entity ID

You will need the following details from the IdP Admin Console to complete the setup inside LucidLink.

  • Single Sign-On URL
  • Identity Provider entity ID
  • Identity Provider certificate file

LucidLink supports Attribute Statements in the IdP application.
The most commonly used attribute is "email", which maps to a similar IdP attribute such as email address, user.email, etc.

3. Finish the integration within LucidLink

Enter the 2 fields from the IdP Admin Console into LucidLink:

  • Single Sign-On URL
  • Identity Provider entity ID (Issuer URL from the last step in Okta)

Then, upload the Identity Provider certificate and click Save.

You will need to select your authentication setting and then download the SSO Key to distribute to any users needing to authenticate to your Workspace via SSO.

Make sure that you download your SSO Key and test the integration before you change the authentication settings.
