Links

Okta

With this guide you will learn how to integrate GoodAccess with Okta SSO.
This feature is available in the Premium plan and higher.
Please note: Changing the login method to identity provider will permanently delete all Members you invited. Your team Members will be automatically added to GoodAccess upon their first login. Manually added Members will stay.
Remember to grant your Okta users access permissions to GoodAccess. Users without them won't be able to log in.
You may set up Single Sign-On (SSO) in Control Panel > Settings > SSO & MFA > + Add Provider.

Step 1

In Okta go to Applications > Create App Integration.
Choose SAML_2.0, name your app, upload a logo, and click Next.

Step 2

Copy the details from GoodAccess - (2) Service Provider Links to SAML Settings and fill out Attribute Statements.

SAML Settings

  • Single Sign-On URL - Assertion Consumer Service URL
  • Audience URI (SP Entity ID) - Entity ID
  • Default RelayState - Relay State
  • Name ID format - Unspecified
  • Application username - Email

Attribute Statements

  • Name - email
  • Name format - Unspecified
  • Value - user.email
Click Next choose one of the Feedback options and Finish.

Step 3

Select the application, go to Sign On tab and open SAML 2.0 configuration.
Copy the following details into GoodAccess - (3) Identity Provider Links.
  • Identity Provider Single Sign-On URL - Sign in URL
  • Identity Provider Issuer - Entity ID
  • X509 signing certificate

Step 4

Now switch back to GoodAccess and click Continue, then Continue in the next dialog, and finally Submit.
Optionally you may enable automatic user provisioning - SCIM.