Page Comparison

This guide is intended to help configure single sign on / SAML 2.0  for Lucidity Software to be able to authenticate against your Google users.

Create a Lucidity app Instance

1. Log in to https://admin.google.com 

   NOTE: The account that you use needs to have Super Admin privileges to perform the setup.
   

2. Click on the hamburger menu

   Image Removed

3. Navigate to App → SAML apps
   Image Removed
   

4. Click Create

   Image Removed

5. Select the "SETUP MY OWN CUSTOM APP"

   Image Removed

6. Download the IPD Metadata On the left-hand-side menu click Apps > Web and mobile apps

   Image Added

7. In the centre of the “Web and mobile apps“ screen click Add app > Add custom SAML app
   

   Image Added

8. The “Add custom SAML app“ modal will be displayed
   

   Image Added

9. Enter an appropriate “App name“ such as “Lucidity“ and optionally select a new icon. Click Continue
   

   Image Added

   Suggested icon:

   Image Added

10. Download metadata in Option 1 and send this file to the Lucidity Contact your Lucidity Customer Representative. Click Continue
    You can also get this data once the app has been set up
    

    Image Removed

11. Click next

12. Fill in the Application Nam, Description and logo can be anything you want as long as you remember whats it for, we recommend calling your app “Lucidity Software” and using the Lucidity icon provided:

    Image Removed

13. Once you have done this click Next

14. Enter the following details provided below and leave the rest as  the default value:
    NOTE: Replace {site-name} with your Lucidity site name.

    Under the General section:

    ACS URL
    Image Added

15. In the “Service provider details“ screen enter the following (leave the Name ID format and Name ID values as default):

    1. ACS URL: https://{

    site-name

    1. clientName}.

    luciditysoftware.com.au

    1. {domain}/simplesaml/module.php/saml/sp/saml2-acs.php/{

    site-name

    1. clientName}

    2. Entity ID

    
    

    1. : https://{

    site-name

    1. clientName}.

    luciditysoftware.com.au

    1. {domain}/simplesaml/module.php/saml/sp/metadata.php/{

    site-name

    1. clientName}

    2. Start URL:

    
    

    1. https://{

    site-name

    1. clientName}.

    luciditysoftware.com.au

    1. {domain}/home/login/lucidityintranet/completesso/{

    site-name}

    leave the Name ID and Name ID format as the default values
    Image Removed

16. Click next

17. Add a new Mapping Under the Attribute Mapping:
    Add the following in the following fields:
    Enter the application attribute

    1. clientName}

    2. NOTE: {clientName} represents your Lucidity instances subdomain and {domain} represents your Lucidity domain (luciditysoftware.com.au or lucidity.io)
       

       Image Added

18. Click Continue

19. In the “Attribute mapping“ screen click Add mapping:

    1. Google Directory attributes: Basic Information > Primary email

    2. App attributes: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
       Select category: Basic Information
       Select user field: Primary Email

    3. NOTE: The value needs to match the username naming conventions used for users in Lucidity. If an email is used only

    teh

    1. the first part is required (eg bob.smith@somewhere.com becomes bob.smith for authentication)
       

    Image Removed
    1. Image Added

20. Click Finished Finish

21. Enable the App

    Image Removed

    . From back in the main SAML app index, select the newly created app

22. Click User access
    

    Image Added

23. Select ON for everyone OR select the required group(s) from the left-hand-side. Click Save
    

    Image Added

24. If you have not already sent the metadata.xml to you Lucidity contact Customer Representative please do so now, so that they can finish the set up