Azure
This guide will show you how to integrate GoodAccess with Azure SSO.
This feature is available in the Premium plan and higher.
Please note: Changing the login method to identity provider will permanently delete all Members you invited. Your team Members will be automatically added to GoodAccess upon their first login. Manually added Members will stay.
Remember to grant your Azure users access permissions to GoodAccess. Users without them won't be able to log in.
Go to Azure > Enterprise Applications, click +New Application followed by Create your own application.
Enter a name and choose "Integrate any other application you don't find in the gallery (Non-gallery)".
Delete the automatically pre-filled URL in Identifier (Entity ID).
Open your new app, go to Single Sign-On and SAML. Then open Basic SAML Configuration and copy the details from GoodAccess - (2) Service Provider Links.
- Identifier - Entity ID
- Reply URL - Assertion Consumer Service URL
- Sign on URL - Login URL
- Relay State - Relay State
Don't forget to Save.
Continue with Edit User Attributes & Claims and edit the following:
| USER.MAIL | USER.PRINCIPALNAME |
Name | email | name |
Namespace | Leave blank | Leave blank |
Source | Attribute | Attribute |
Source Attribute | user.mail | user.userprincipalname |
Download the Azure certificate, gather Login URL and Azure AD Identifier and copy them to GoodAccess - (3) Identity Provider Links.
- Sign in URL - Login URL
- Entity ID - Azure AD Identifier
- X509 signing certificate - Azure certificate
Now switch back to GoodAccess and click Continue, then Continue in the next dialog, and finally Submit.
Last modified 1mo ago