LogoLogo
GoodAccess WebsiteRequest Free TrialDownload App
  • Getting Started
    • 1. What is GoodAccess?
    • 2. Architecture Overview
    • 3. Sign up for Free Trial
    • 4. Download App & Connect
  • 🖥️Configuration guides
    • Features
      • Zero Trust Access Control
        • Access Cards
        • Device Posture Check
        • Device Approval
        • Geo Restrictions
      • API Integration
        • API Reference
          • Members
          • Groups
          • Systems
          • Access Cards
          • Relations
          • Gateways
          • Logs
        • Acronis Integration
      • SIEM Integration
      • SSO/SCIM
        • Auth0
        • Cisco Duo
        • Google Workspace
        • JumpCloud
        • Microsoft Entra ID
        • Okta
        • OneLogin
        • Ping Identity
        • Universal (SAML)
      • MFA
      • Passkeys
      • MSI deployment
      • Threat Blocker
      • Custom Domain Blocking
      • DNS Management
      • Split Tunneling
      • Port Forwarding
    • Branch Connector
      • Cisco
      • Cisco Meraki
      • FortiGate
      • MikroTik
      • SonicWall
      • UniFi USG
      • Zyxel Nebula Control Center
      • Other supported routers and firewalls
    • Cloud Connector
      • AWS
      • Google Cloud
      • Microsoft Azure
      • Other Public Cloud providers
    • IP whitelisting
      • APACHE Web Server
      • AWS VPC
      • Azure (Office 365)
      • Google Cloud
      • Google Workspace
      • Magento
      • Microsoft IIS
      • NGINX
        • Domain
        • Subdomain
        • URL
      • OpenCart
      • PHP
      • PHPMyAdmin
      • Pipedrive
      • SalesForce
      • SSH server
      • WordPress
      • Zoho CRM
    • Linux
      • DEB repository
      • RPM repository
      • Manual installation
      • Linux Troubleshooting
  • 🆘FAQ & Troubleshooting
    • FAQ
      • Business
      • Technical
    • Troubleshooting
  • 📓Product Changelog
    • Windows
    • macOS
Powered by GitBook
On this page
  • Step 1 - Adding a new identity provider
  • Step 2 - Setting up Single Sign-On with SAML
  • 1. General Settings
  • 2. Configure SAML
  • 3. Feedback
  • 4. Setting up GoodAccess
  • Step 3 (optional) - Setting up SCIM
  • 1. SCIM Connection
  • 2. Provisioning to App
  • 3. (optional) Adding groups to provisioning
  • Step 4 - Managing user access

Was this helpful?

  1. Configuration guides
  2. Features
  3. SSO/SCIM

Okta

With this guide you will learn how to integrate GoodAccess with Okta SSO/SCIM.

PreviousMicrosoft Entra IDNextOneLogin

Last updated 2 months ago

Was this helpful?

This feature is available in the Premium plan and higher.

Remember to to GoodAccess. Users without them won't be able to log in.

Step 1 - Adding a new identity provider

Click + Add provider, enter the Provider name, choose your Identity Provider, and click Continue.

Step 2 - Setting up Single Sign-On with SAML

Log in to the Okta Admin console, and go to Applications > Applications.

Click Create App Integration, select SAML 2.0, and click Next.

1. General Settings

Give the application a name, and click Next.

2. Configure SAML

Copy the details from GoodAccess - (2) GoodAccess links.

General

  • Single Sign-On URL - Assertion Consumer Service URL

  • Audience URI (SP Entity ID) - Entity ID

  • Default RelayState - Relay State

  • Name ID format - Unspecified

  • Application username - Email

Attribute Statements

Name
Name format
Value

"email" (without quotes)

Unspecified

user.email

Return to GoodAccess, and click Continue.

Return to Okta, and click Next.

3. Feedback

Choose one of the Feedback options, and click Finish.

4. Setting up GoodAccess

In the application go to Sign On > SAML 2.0, and click More details.

Copy the details to GoodAccess - (3) Identity Provider links, and click Continue.

  • Sign in URL - Sign on URL

  • Entity ID - Issuer

  • X509 signing certificate - Signing Certificate

If you don't want to setup SCIM, skip the next step in GoodAccess, and click Submit to finish the configuration.

You have now successfully set up your Okta SSO with GoodAccess.

Step 3 (optional) - Setting up SCIM

In the application, go to General > App Settings, and click Edit.

Select SCIM, and click Save.

1. SCIM Connection

Go to Provisioning > Integration, and click Edit.

Copy the URL and Token from GoodAccess - (4) User provisioning (SCIM).

  • SCIM connector base URL - URL

  • Unique identifier field for users - "email" (without quotes)

  • Supported provisioning actions

    • Push New Users

    • Push Profile Updates

    • Push Groups

  • Authentication Mode - HTTP Header

  • Authorization - Token

Return to GoodAccess, and click Submit.

Return to Okta, and click Save.

2. Provisioning to App

Go to Provisioning > To App, and click Edit.

Enable:

  • Create Users

  • Update User Attributes

  • Deactivate Users

Click Save to finish the configuration.

3. (optional) Adding groups to provisioning

Go to Push Groups, and click + Push Groups > Find groups by name/rule.

Find the desired group, and click Save.

The whole provisioning process will take around 20 minutes to complete depending on the number of members and groups being added.

You have now successfully set up your Okta SCIM with GoodAccess.

Step 4 - Managing user access

In the application, go to Assigments, and click Assign > Assign to People/Groups.

Choose who should have access, and click Done.

🖥️
Log in to the GoodAccess Control Panel, and go to Settings > SSO & Identity.
grant your Okta users access permissions
Creating a new application integration
Selecting SAML 2.0 as a sign-in method
Setting up the General Settings
Configuring SAML
Setting up GoodAccess
Enabling SCIM
Setting up SCIM connection
Setting up provisioning to app
Adding groups to provisioning
Managing user access
Managing user access
Okta Admin console with key steps to creating a new application integration.
Okta Admin console with key steps to selecting SAML 2.0 as a sign-in method for the application integration.
Okta Admin console with key steps to setting up the "General Settings".
Okta Admin console with key steps to configuring SAML.
Okta Admin console with key steps to setting up GoodAccess.
Okta Admin console with key steps to enabling SCIM.
Okta Admin console with key steps to setting up SCIM connection.
Okta Admin console with key steps to setting up provisioning to app.
Okta Admin console with key steps to adding groups to provisioning.
Okta Admin console with key steps to managing user access.
Okta Admin console with key steps to managing user access.