Target audience: Workspace administrators

This article is part of the New LucidLink Single Sign-On (SSO) SAML 2.0 implementation series of articles.

Requirements

• Organization email domain configured and verified in the LucidLink Application or Webportal for your Workspace. Please use this article for the domain setup.
• Admin Access to create the app in your Identity Provider's Admin Console.

Setup instructions

1. Start the integration within the LucidLink​ Application or Webportal

From the LucidLink Application or Webportal, click on the 3-dot menu next to the Workspace name and click on SSO Integration. Then click on the Set Up SSO button.

Obtain the values from the following 2 fields from the SSO configuration page to put into your IdP Admin Console in the next step:

• Service Provider Consumer URL
• Service Provider entity ID

2. Create a LucidLink app within the Microsoft Entra admin center:

From your Microsoft Entra admin center, click Applications and then Enterprise Applications from the left navigation menu. On the next page, click the New Application button at the top of the applications list.

On the next page, click the Create your own application button. Give your application a Name and click Create.

3. Configure the LucidLink app within the Microsoft Entra admin center

From the Left Navigation Panel of your app, Click on Manage, then select Single Sign On, and then SAML.

On the next page, click Edit in the Basic SAML Configuration section, enter the following values, and then click Save:

• Identifier (Entity ID) (Service Provider entity ID value from LucidLink SSO Integration tab) 
• Reply URL (Assertion Consumer Service URL) (Service Provider Consumer URL value from LucidLink SSO Integration tab) 

Download the Certificate (Base64) from the SAML Certificates section

Obtain the values from the following 2 fields to put into the LucidLink SSO Integration tab in the next step:

• Login URL
• Microsoft Entra Identifier

4. Finish the integration within the LucidLink​ SSO Integration tab

Enter the 2 fields from the Microsoft Entra admin center into the LucidLink​ SSO Integration tab:

• Single Sign-On URL (Login URL from the Microsoft Entra admin center)
• Identity Provider entity ID (Microsoft Entra Identifier from the Microsoft Entra admin center)

Then, upload the Identity provider certificate and click Save.

You have done it!

You should now see the Microsoft Entra ID SSO setup in the LucidLink​ SSO Integration tab. You will need to select your authentication setting and then download the SSO Key to distribute to any users needing to authenticate to your Workspace via SSO.

Enable User Access to your app within the Microsoft Entra admin center

You will need to add Entra ID users/groups to the new app before they can authenticate using SSO within the LucidLink Application or Webportal.

Next Step:

• Configure your Workspace single sign-on authentication settings.