[Access for SaaS] Ironclad tutorial (#15695)

* create tutorial and fix weights

* Update content/cloudflare-one/applications/configure-apps/saas-apps/ironclad-saas.md

Co-authored-by: Max Phillips <mphillips@cloudflare.com>

---------

Co-authored-by: Max Phillips <mphillips@cloudflare.com>

content/cloudflare-one/applications/configure-apps/saas-apps/google-cloud-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Google Cloud
-weight: 9
+weight: 10
 ---
 
 # Connect to Google Cloud through Access

content/cloudflare-one/applications/configure-apps/saas-apps/google-workspace-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Google Workspace
-weight: 9
+weight: 10
 ---
 
 # Connect to Google Workspace through Access

content/cloudflare-one/applications/configure-apps/saas-apps/grafana-cloud-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Grafana Cloud
-weight: 10
+weight: 11
 ---
 
 # Connect to Grafana Cloud through Access

content/cloudflare-one/applications/configure-apps/saas-apps/grafana-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Grafana
-weight: 10
+weight: 11
 ---
 
 # Connect to Grafana through Access

content/cloudflare-one/applications/configure-apps/saas-apps/greenhouse-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Greenhouse Recruiting
-weight: 11
+weight: 12
 ---
 
 # Connect to Greenhouse Recruiting through Access

content/cloudflare-one/applications/configure-apps/saas-apps/hubspot-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Hubspot
-weight: 12
+weight: 13
 ---
 
 # Connect to Hubspot through Access

content/cloudflare-one/applications/configure-apps/saas-apps/ironclad-saas.md

@@ -0,0 +1,54 @@
+---
+pcx_content_type: how-to
+title: Ironclad
+weight: 14
+---
+
+# Connect to Ironclad through Access
+
+This guide covers how to configure [Ironclad](https://support.ironcladapp.com/hc/articles/12286012625559-Set-Up-Generic-SSO-SAML-Integration) as a SAML application in Cloudflare Zero Trust.
+
+## Prerequisites
+
+- An [identity provider](/cloudflare-one/identity/idp-integration/) configured in Cloudflare Zero Trust
+- Admin access to a Ironclad site
+
+## 1. Add a SaaS application to Cloudflare Zero Trust
+
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**.
+2. Select **Add an application** > **SaaS**.
+3. For **Application**, enter `Ironclad` and select the corresponding textbox that appears.
+4. For the authentication protocol, select **SAML**.
+5. Select **Add application**.
+7. Copy the **SSO Endpoint** and **Public key**.
+8. Keep this window open without selecting **Select configuration**. You will finish this configuration in step [3. Finish adding a SaaS application to Cloudflare Zero Trust](#3-finish-adding-a-saas-application-to-cloudflare-zero-trust).
+
+## 2. Add a SAML SSO provider to Ironclad
+
+1. In Ironclad, select your profile picture > **Company settings** > **Integrations** > **SAML**.
+2. Select **Add SAML Configuration** > **Show Additional IdP Settings**.
+4. Copy the **Callback** value.
+5. Fill in the following fields:
+    -  **Entry Point**: SSO endpoint from application configuration in Cloudflare Zero Trust.
+    - **Identity Provider Certificate**: Public key from application configuration in Cloudflare Zero Trust.  The key will automatically be wrapped in `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`.
+6. Select **Save**.
+
+## 3. Finish adding a SaaS application to Cloudflare Zero Trust
+
+1. In your open Zero Trust window, fill in the following fields:
+    - **Entity ID**: `ironcladapp.com`
+    - **Assertion Consumer Service URL**: Callback from Ironclad SAML SSO set-up.
+    - **Name ID format**: _Email_
+2. Select **Save configuration**.
+3. Configure [Access policies](/cloudflare-one/policies/access/) for the application.
+4. Select **Done**.
+
+## 4. Add a test user to Ironclad and test the integration
+
+1. In Ironclad, select your profile picture > **Company settings** > **Users & Groups**.
+2. Select **Invite User**.
+3. For **Email addresses**, add your desired email address for your test user.
+4. For **Sign-in Method**, ensure **Sign in with (your-team-domain.cloudflareaccess.com)** is selected
+5. Select **Invite**.
+6. In the invitation email sent to the test user, select **Join now**. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
+7. Once this is successful, you can contact your LE, CSM POC, or `support@ironcladapp.com` to migrate existing users to SSO login.

content/cloudflare-one/applications/configure-apps/saas-apps/jamf-pro-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Jamf Pro
-weight: 13
+weight: 15
 ---
 
 # Connect to Jamf Pro through Access

content/cloudflare-one/applications/configure-apps/saas-apps/pagerduty-saml-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: PagerDuty
-weight: 14
+weight: 16
 ---
 
 # Connect to PagerDuty through Access

content/cloudflare-one/applications/configure-apps/saas-apps/pingboard-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Pingboard
-weight: 15
+weight: 17
 ---
 
 # Connect to Pingboard through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/salesforce-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Salesforce (OIDC)
-weight: 16
+weight: 18
 ---
 
 # Connect to Salesforce through Access (OIDC)

content/cloudflare-one/applications/configure-apps/saas-apps/salesforce-saas-saml.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Salesforce (SAML)
-weight: 16
+weight: 18
 ---
 
 # Connect to Salesforce through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/servicenow-saas-oidc.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: ServiceNow (OIDC)
-weight: 17
+weight: 19
 ---
 
 # Connect to ServiceNow through Access (OIDC)

content/cloudflare-one/applications/configure-apps/saas-apps/servicenow-saas-saml.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: ServiceNow (SAML)
-weight: 17
+weight: 19
 ---
 
 # Connect to ServiceNow through Access (SAML)

content/cloudflare-one/applications/configure-apps/saas-apps/slack-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Slack
-weight: 18
+weight: 20
 ---
 
 # Connect to Slack through Access

content/cloudflare-one/applications/configure-apps/saas-apps/smartsheet-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Smartsheet
-weight: 19
+weight: 21
 ---
 
 # Connect to Smartsheet through Access

content/cloudflare-one/applications/configure-apps/saas-apps/tableau-saml-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Tableau Cloud
-weight: 20
+weight: 22
 ---
 
 # Connect to Tableau Cloud through Access

content/cloudflare-one/applications/configure-apps/saas-apps/workday-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Workday
-weight: 19
+weight: 23
 ---
 
 # Connect to Workday through Access

content/cloudflare-one/applications/configure-apps/saas-apps/zendesk-sso-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Zendesk
-weight: 22
+weight: 24
 ---
 
 # Connect to Zendesk through Access

content/cloudflare-one/applications/configure-apps/saas-apps/zoom-saas.md

@@ -1,7 +1,7 @@
 ---
 pcx_content_type: how-to
 title: Zoom
-weight: 23
+weight: 25
 ---
 
 # Connect to Zoom through Access