SmartDraw let's you provision your users using SSO through Azure Active Directory.
When you integrate SmartDraw with Azure AD, you can:
- Control who has access to SmartDraw using Azure Active Directory
- Enable your users to sign-in to SmartDraw with their Azure AD account
- Manage your accounts in the Azure portal as a central location
Add SmartDraw from the Gallery in Your Azure AD Portal
To configure the integration of SmartDraw into Azure AD, you need to add SmartDraw from the gallery to your list of managed SaaS apps.
Select the Azure Active Directory service and navigate to Enterprise Applications.
Search for SmartDraw.
Select SmartDraw from results panel and you should see a pop-in from the right with details. Click Create.
Set Up Single Sign-On with SAML
In the Azure portal, on the SmartDraw application integration page, find the Manage section and select Single Sign-on.
Next, choose SAML.
On the Set up single sign-on with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.
You need to make 3 configuration settings.
Identifier ID = https://www.smartdraw.com
Reply URL (Assertion Consumer Service URL) = https://cloud.smartdraw.com/sso/saml/login/acme.com NOTE: Replace acme.com with your domain.
Relay State = https://cloud.smartdraw.com
Click Save. Your configuration should now look similar to this.
Configure SAML Attributes
SmartDraw application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration.
In addition to above, SmartDraw application expects few more attributes to be passed back in SAML response which are shown below. These attributes are also pre-populated but you can review them as per your requirements.
Before continuing, the groups claim needs to be modified. Click the Edit link in Attributes & Claims, then click Add Group Claim. We recommend the default of All Groups in most cases as this allows you to use any group type in Azure with SmartDraw.
If you have additional security requirements, or know the specific group you want to use with SmartDraw you can configure that now. Once your groups claim is configured, click Save and then the browser back button.
On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Federation Metadata XML and select Download to download the certificate and save it on your computer. You will need to add this XML to your SmartDraw account.
On the Set up SmartDraw section, copy the appropriate URL(s) based on your requirement.
Login to your SmartDraw account and click on the SSO tab in the left navigation.
Click on the Import SAML Metadata button.
On the next screen, select XML file and browse to the XML file you saved from Azure AD on your computer.
SmartDraw will automatically process the imported file. You can double-check the SAML issues and URL and click Save Configuration to enable Azure AD SSO.
When you're ready to fully enable SSO for every user, make sure you check All all users of the above domains to login using this Saml config and save your settings.
This toggle lets you check your SSO set up before users see it. You can turn it on an off as you need to test things, but it needs to be checked for your users to be able to use SSO with SmartDraw.