LogoLogo
GoodAccess WebsiteRequest Free TrialDownload App
  • Getting Started
    • 1. What is GoodAccess?
    • 2. Architecture Overview
    • 3. Sign up for Free Trial
    • 4. Download App & Connect
  • 🖥️Configuration guides
    • Features
      • Zero Trust Access Control
        • Access Cards
        • Device Posture Check
        • Device Approval
        • Geo Restrictions
      • API Integration
        • API Reference
          • Members
          • Groups
          • Systems
          • Access Cards
          • Relations
          • Gateways
          • Logs
        • Acronis Integration
      • SIEM Integration
      • SSO/SCIM
        • Auth0
        • Cisco Duo
        • Google Workspace
        • JumpCloud
        • Microsoft Entra ID
        • Okta
        • OneLogin
        • Ping Identity
        • Universal (SAML)
      • MFA
      • Passkeys
      • MSI deployment
      • Threat Blocker
      • Custom Domain Blocking
      • DNS Management
      • Split Tunneling
      • Port Forwarding
    • Branch Connector
      • Cisco
      • Cisco Meraki
      • FortiGate
      • MikroTik
      • SonicWall
      • UniFi USG
      • Zyxel Nebula Control Center
      • Other supported routers and firewalls
    • Cloud Connector
      • AWS
      • Google Cloud
      • Microsoft Azure
      • Other Public Cloud providers
    • IP whitelisting
      • APACHE Web Server
      • AWS VPC
      • Azure (Office 365)
      • Google Cloud
      • Google Workspace
      • Magento
      • Microsoft IIS
      • NGINX
        • Domain
        • Subdomain
        • URL
      • OpenCart
      • PHP
      • PHPMyAdmin
      • Pipedrive
      • SalesForce
      • SSH server
      • WordPress
      • Zoho CRM
    • Linux
      • DEB repository
      • RPM repository
      • Manual installation
      • Linux Troubleshooting
  • 🆘FAQ & Troubleshooting
    • FAQ
      • Business
      • Technical
    • Troubleshooting
  • 📓Product Changelog
    • Windows
    • macOS
Powered by GitBook
On this page
  • Step 1 - Adding a new identity provider
  • Step 2 - Setting up Single Sign-On with SAML
  • 1. Single Sign-On Configuration
  • 2. Attributes
  • 3. Setting up GoodAccess
  • Step 3 (optional) - Setting up SCIM
  • Step 4 - Managing user access

Was this helpful?

  1. Configuration guides
  2. Features
  3. SSO/SCIM

JumpCloud

This guide will show you how to integrate GoodAccess with JumpCloud SSO.

PreviousGoogle WorkspaceNextMicrosoft Entra ID

Last updated 2 months ago

Was this helpful?

This feature is available in the Premium plan and higher.

Remember to to GoodAccess. Users without them won't be able to log in.

Step 1 - Adding a new identity provider

Click + Add provider, enter the Provider name, choose your Identity Provider, and click Continue.

Step 2 - Setting up Single Sign-On with SAML

Log in to the , and go to User Authentication > SSO Applications.

Click + Add New Application, select Custom Application, and click Next.

Select Manage Single Sign-On (SSO) > Configure SSO with SAML, and click Next.

Give the application a name, and click Save Application.

Click Configure Application.

1. Single Sign-On Configuration

Copy the details from GoodAccess - (2) GoodAccess links.

  • SP Entity ID - Entity ID

  • ACS URLs - Assertion Consumer Service URL

  • SAMLSubject NameID - email

  • SAMLSubject NameID Format - urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified

  • Signature Algorithm - RSA-SHA256

  • Default Relay State - Relay State

  • Login URL - Login URL

Return to GoodAccess, and click Continue.

Return to JumpCloud.

2. Attributes

Click add attribute, and add the following attribute:

Service Provider Attribute Name
JumpCloud Attribute Name

"email" (without quotes)

email

3. Setting up GoodAccess

Click Copy Metadata URL, and open the URL in a new tab.

Copy the details to GoodAccess - (3) Identity Provider links, and click Continue.

  • Sign in URL - IDP URL

  • Entity ID - IdP Entity ID (choose a name)

  • X509 signing certificate - Copy the certificate from the new tab

Return to JumpCloud, and click Save.

If you don't want to setup SCIM, skip the next step in GoodAccess, and click Submit to finish the configuration.

You have now successfully set up your JumpCloud SSO with GoodAccess.

Step 3 (optional) - Setting up SCIM

In the application, go to Identity Management.

Copy the URL and Token from GoodAccess - (4) User provisioning (SCIM).

  • API Type - SCIM API

  • SCIM Version - SCIM 2.0

  • Base URL - URL

  • Token Key - Token

  • Test User Email - Enter any email address (e.g. test@test.com)

Return to GoodAccess, and click Submit.

Return to JumpCloud, and click Test Connection.

Click Activate, and Save to finish the configuration.

The whole provisioning process will take around 20 minutes to complete depending on the number of members and groups being added.

You have now successfully set up JumpCloud SCIM with GoodAccess.

Step 4 - Managing user access

In the application, go to User Groups.

Choose who should have access, and click Save.

🖥️
Log in to the GoodAccess Control Panel, and go to Settings > SSO & Identity.
JumpCloud Admin console
grant your JumpCloud users access permissions
Adding a new custom SAML application
Adding a new custom SAML application
Adding a new custom SAML application
Setting up Single Sign-On
Setting up Single Sign-On
Copying the certificate from the new tab
Setting up SCIM
Managing user access
JumpCloud Admin console with key steps to adding a new custom SAML application.
JumpCloud Admin console with key steps to adding a new custom SAML application.
JumpCloud Admin console with key steps to adding a new custom SAML application.
JumpCloud Admin console with key steps to setting up Single Sign-On.
JumpCloud Admin console with key steps to setting up Single Sign-On.
XML file in web browser highlighting the X509 signing certificate.
JumpCloud Admin console with key steps to setting up SCIM.
JumpCloud Admin console with key steps to managing user access.