Single Sign-On (SSO) with Azure Active Directory

SmartDraw let's you provision your users using SSO through Azure Active Directory.

When you integrate SmartDraw with Azure AD, you can:

• Control who has access to SmartDraw using Azure Active Directory
• Enable your users to sign-in to SmartDraw with their Azure AD accounts
• Manage your accounts in the Azure portal as a central location

SmartDraw supports

• SP and IDP initiated SSO
• Just In Time user provisioning

To configure the integration of SmartDraw into Azure AD, you need to add SmartDraw from the gallery to your list of managed SaaS apps.

• Sign in to the Azure portal
• Select the Azure Active Directory service
• Navigate to Enterprise Applications and then select All Applications
• Select New application
• In the Add from the gallery section, type SmartDraw in the search box.
• Select SmartDraw from results panel and then add the app.

In the Azure portal, on the SmartDraw application integration page, find the Manage section and select single sign-on.

Next, choose SAML.

On the Set up single sign-on with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.

Click Set additional URLs to configure the application in SP initiated mode:
In the Sign-on URL text box, type a URL using the following pattern: https://cloud.smartdraw.com/sso/saml/login/[[domain]]

You can get this URL from your Account at https://www.smartdraw.com/myaccount/. Just select the license you want to enable SSO for under Licenses and Subscriptions, click Manage License, and choose Single Sign-On. Type in your domain and you'll see the SP Initiated Login URL populate. You can copy that for configuring in the Azure portal.

Once you have the URL from your SmartDraw Account, click Save.

SmartDraw application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration.

In addition to above, SmartDraw application expects few more attributes to be passed back in SAML response which are shown below. These attributes are also pre populated but you can review them as per your requirements.

On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Federation Metadata XML and select Download to download the certificate and save it on your computer. You will need to add this XML to your SmartDraw account.

On the Set up SmartDraw section, copy the appropriate URL(s) based on your requirement.

You're now ready to configure the SmartDraw portion of your SSO. Login to your SmartDraw Account, click on Licenses and Subscriptions, and select your your license key. In the "Identity Management" section, click on Single Sign-On.

Fill out the form by copy-pasting the custom data from your Azure Portal including the SAML Issuer URL and your SAML metadata that you saved earlier. Click Save Configuration and single sign-on shoud now be enabled.