Lucidchart

Lucidchart allows users to collaborate on drawing, revising, and sharing charts and diagrams.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Users
• SaaS Data

Parameters

The parameters that you need to fill out will differ based on the capabilities in your Axonius platform. 'General' pertains to users with Cybersecurity Asset Management and/or SaaS Management capabilities.

General

1. Host Name or IP Address (required) - The hostname or IP address of the Lucidchart server that Axonius can communicate with via the Required Ports.

2. Client ID and Client Secret (required) - The Client ID and Client Secret for an account that has read access to the API.

3. One Time OAuth Access Code - The access coded generated in Lucidchart for gettting the refresh token and access token, for accounts that authorize with OAuth. For more information, see Getting the Access Code.

4. Verify SSL (required, default: false) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

5. HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.

6. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

7. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the server using the HTTPS Proxy.

SaaS Management

1. Login URL - Needed to fetch SaaS data.
2. Redirect URL - The Lucidchart OAuth app URI. The format for this URL is "https://lucid.app/oauth2/clients{CLIENT_ID}/redirect"
3. Account ID - Your Lucidchart account ID. This is the number in your admin console URL.
   For example, if your URL is "https://admin.lucid.app/teams/123456789#/", then enter 123456789 in the Account name field.
4. Username and Password - The username and the password of an Axonius user account.
5. 2FA Secret - If the user created to collect SaaS Management data accesses Lucidchart through an SSO solution that requires 2-factor authentication, you will need to generate a secret key in that solution and paste it here. See instructions for performing this action in Okta.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

APIs

Axonius uses the Lucid API Version 1.

Required Ports

Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

• 80
• 443
  
  

Required Permissions

• The custom OAuth app you create, must be granted 'View users on your account' permission.
• The value supplied in Client ID must have account.user:readonly access token permissions to fetch assets and scope= account.user:readonly+offline_access.
• The access token must be an "Account token" and must be created by a user with Account Administrator permissions. For more information, see Access Token Types.
• The user you create must be granted Team Admin Privileges and Billing Admin(for Axonius accounts with SaaS Management capabilities), and have Developer priveliges.
  

Generating a Client ID, Client Secret, and Redirect URL

The Lucidchart adapter uses Oauth2 verification, which requires a Client ID and Client Secret.

1. Login as an admin user to your Lucid admin console.
2. From the left navigation menu, go to App Integration > General > Custom OAuth app.
3. Under the Create Custom OAuth 2.0 Client section, provide a name for your app and click on Create OAuth 2.0 Client.
   A new app is added.
4. Grant the View users on your account permission for the app.
5. Open the new app and click the OAuth 2.0 tab.
6. Copy the generated Client ID and Client Secret. Paste them in their corresponding parameters in Axonius.
   
7. (For accounts with the SaaS Management module) paste the following URL in the Redirect URL parameter (make sure to add your Client ID into the URL):
   https://lucid.app/oauth2/clients{CLIENT_ID}/redirect

Getting the Access Code

1. Navigate to: https://lucid.app/oauth2/authorizeAccount?client_id={client id}&redirect_uri=https://lucid.app/oauth2/clients/{client id}/redirect&scope=account.user:readonly+offline_access
2. Click Grant Access.
   You will be redirected to lucid.app/oauth2/clients/{client id}/redirect.
3. Underneath the Verification code, click Copy to Clipboard.
4. In Axonius paste the verification code in the One Time OAuth Access Code field.

To Access SaaS Data

Create a New User Account

1. Login as an admin user to your Lucid admin console.
2. From the left navigation menu, go to Users.
3. Click Add Users > Add a single user.
4. Provide an email address you can access.
5. Edit the users' roles and set it as Team Admin Privileges and Billing Admin Priveliges.
6. You will receive an activation mail. Open the mail and use it to set the password.
7. Copy the generated Username and Password.
8. Paste the copied values into their parameters in Axonius.

Version Matrix

This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.

Supported From Version

Supported from Axonius version 5.0