Lucidum supports most SSO providers. This chapter describes how to configure your SSO to work with Lucidum.
To enable SSO login in Lucidum, you must:
enter information about your identity provider tool in the Lucidum integration tool.
if you use Okta, enter a specific value in the Okta field Default Relay State.
create user accounts using the same emails as are used in the identity provider.
Lucidum Customer Support performs configuration tasks to enable SSO integration. However, customers must perform a single step to enable the integration.
Lucidum sends you a custom URL that leads to the Lucidum integration tool.
In the integration tool, your SSO administrator must enter some information about your identity provider. The integration tool provides a detailed walkthrough for each identity provider.
After you enter the information about your identity provider in the integration tool, at login Lucidum displays a tile that allows users to login via your SSO.
Additional Requirements for Okta
If you use Okta for SSO, you must perform an additional step to complete SSO integration.
In the Okta Admin Console, click Applications and then click the desired application (should be Lucidum).
Click the Sign On tab.
In the Settings pane, click Edit
In the Default Relay State field, enter:
Create User Accounts in Lucidum
After performing the steps to integrate your SSO with Lucidum, you must create user accounts in Lucidum.
To create a new user account in Lucidum that uses your SSO:
Navigate to Settings > User Management.
In the User Management page, click New User.
In the New User model page, enter the following:
Name. Name of the new user.
Email. Email address of the new user. This must be the same email address as included in the user’s SSO profile.
SSO User. Toggle on to use your existing SSO solution.
Time Zone. Select a time zone for the new user.
Roles. Select and assign one or more roles for the new user. The default roles are:
Admin. This role allows access to all permissions in Lucidum and is appropriate for the users who administer Lucidum.
Api_Users. This role is allows access to the Lucidum API.
IT Operations. This role is for IT and security operations staff.
Lucidum_Support (Lucidum internal role only). This is a role assigned to Lucidum support staff, to maintain customer systems.
Custom roles. You can define custom roles. For details, see Creating and Managing Roles.
Click Confirm to save the new user.