Single Sign-On (SSO) with Azure Active Directory

SmartDraw let's you provision your users using SSO through Azure Active Directory.

When you integrate SmartDraw with Azure AD, you can:

• Control who has access to SmartDraw using Azure Active Directory
• Enable your users to sign-in to SmartDraw with their Azure AD accounts
• Manage your accounts in the Azure portal as a central location

SmartDraw supports

• SP and IDP initiated SSO
• Just In Time user provisioning

To configure the integration of SmartDraw into Azure AD, you need to add SmartDraw from the gallery to your list of managed SaaS apps.

• Sign in to the Azure portal
• Select the Azure Active Directory service
• Navigate to Enterprise Applications and then select All Applications
• Select New application
• In the Add from the gallery section, type SmartDraw in the search box.
• Select SmartDraw from results panel and then add the app.

In the Azure portal, on the SmartDraw application integration page, find the Manage section and select single sign-on.

Next, choose SAML.

On the Set up single sign-on with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.

Click Set additional URLs to configure the application in SP initiated mode:
In the Sign-on URL text box, type a URL using the following pattern: https://cloud.smartdraw.com/sso/saml/login/[[domain]]

SmartDraw application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration.

In addition to above, SmartDraw application expects few more attributes to be passed back in SAML response which are shown below. These attributes are also pre populated but you can review them as per your requirements.

On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Federation Metadata XML and select Download to download the certificate and save it on your computer. You will need to add this XML to your SmartDraw account.

On the Set up SmartDraw section, copy the appropriate URL(s) based on your requirement.

You're now ready to configure the SmartDraw portion of your SSO. Login to your SmartDraw Account, click on Licenses and Subscriptions, and select your your license key. In the "Identity Management" section, click on Single Sign-On.

Import Your SAML Metadata

Take the XML data that you downloaded from Azure previously and upload it to your SmartDraw account.

Click on "Import SAML Metadata from your Identity Provider" and import your data.

Verify and Activate SSO

SmartDraw will process your imported data automatically. Make sure your domain and SAML issuer URL look good and click Save Configuration to enable Single Sign-On.

You're now ready to test your set up.

When you're ready to fully enable SSO for every user, make sure you check Publish to All Users and save your settings.

This toggle lets you check your SSO set up before users see it. You can turn it on an off as you need to test things, but it needs to be checked for your users to be able to use SSO with SmartDraw.

Once the configuration is saved, you'll notice that SSO is marked as "Enabled" on the license's home screen. You can modify this configuration at any time or turn off SSO if you wish.