This guide is intended to help configure single sign on / SAML 2.0 for Lucidity Software to be able to authenticate against your Google users.
Create a Lucidity app instance
Log in to https://admin.google.com
The account that you use needs to have Super admin privileges to perform the setup
- Click on the hamburger menu
- Navigate to App → SAML apps
- Click Create
- Select the "SETUP MY OWN CUSTOM APP"
- Download the IPD Metadata and send this file to the Lucidity Contact
You can also get this data once the app has been set up
- Click next
- Fill in the Application Nam, Description and logo can be anything you want as long as you remember whats it for, we recommend calling your app “Lucidity Software” and using the Lucidity icon provided:
- Once you have done this click Next
Enter the following details provided below and leave the rest as the default value:
Replace {site-name} with your lucidity site name
Under the General section:
ACS URL
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/saml2-acs.php/{site-name}
Entity ID
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/metadata.php/{site-name}
Start URL:
https://{site-name}.luciditysoftware.com.au/home/login/lucidityintranet/completesso/{site-name}
leave the Name ID and Name ID format as the default values
Click next
Add a new Mapping Under the Attribute Mapping:
Add the following in the following fields:
Enter the application attribute: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
Select category: Basic Information
Select user field: Primary EmailThe value needs to match the username naming convention used for users in Lucidity. If an email is used only the first part is required (eg bob.smith@somewere.com becomes bob.smith for authentication)
- Click Finished
- Enable the App
- If you have not already sent the metadata.xml to you Lucidity contact please do so now, so that they can finish the set up