GoodAccess
GoodAccess WebsiteRequest Free TrialDownload App
Search…
Welcome to GoodAccess
Getting started
First steps
How to connect
Team management
Systems
Access Control
Roles / Managers
BackUp Gateway
Advanced networking
IP whitelisting
Clouds & Branches
Split tunneling
RDP - Windows
Security & Compliance
2FA
Domain-level protection
SSO
Azure
Google Workspace
Okta
FAQ
Gateways
Product
Payments & Billing
Troubleshooting
Technical issues
Payments & Billing
Login & Password
Powered By GitBook
Azure
Please note: Changing the login method to identity provider involves permanently deleting all existing members. Your team members will be automatically added to GoodAcces upon their first login. Currently added devices will be retained.
In case you have problem with login in with SSO (white page; Error: not_a_saml_app) try to clear your cookies and caches, then try to log in with SSO again. If the problem persists, please contact our support.

Step 1

In the GoodAccess Control Panel, go to Settings, switch to the Login & Security tab and click on Azure.

Step 2

Gather the following details to be used later:
  • Entity ID
  • Assertion Consumer Service URL
  • Login URL
  • Relay State

Step 3

Create your application in Azure - Enterprise Applications

Step 4

Enter the name and choose "Integrate any other application you don't find in the gallery (Non-gallery)".

Step 5

Open your new app and continue with the single sign-on and SAML.

Step 6

Open the Basic SAML Configuration and enter the details from step 2:
  • Identifier (Entity ID) - Service Provider Links Entity ID
  • Reply URL (Assertion Consumer Service URL) - Assertion Consumer Service URL
  • Sign on URL - https://sign.goodaccess.com/
  • Relay State - "/" (enter slash)
Delete automatically added URL from Identifier (Entity ID)
Don't forget to Save.

Step 7

Continue with Edit User Attributes & Claims and edit following:
USER.MAIL
  • Name - Enter "email"
  • Namespace - Leave blank
  • Source - Choose Attribute
  • Source Attribute - Enter "user.mail"
USER.PRINCIPALNAME
  • Name - Enter "name"
  • Namespace - Leave blank
  • Source - Choose Attribute
  • Source attribute - Enter "user.userprincipalname"

Step 8

Download the Azure certificate and gather the Login URL and Azure AD Identifier for the next step.

Step 9

In the GoodAccess Control Panel enter the following details from the previous step:
  • Sign in URL - Login URL
  • Entity ID - Azure AD Identifier
  • X509 Signin certificate - Upload Azure certificate
Don't forget to Save Changes.

Step 10

You can now connect with Azure SSO.
Security & Compliance - Previous
SSO
Next
Google Workspace
Last modified 3mo ago
Copy link
Contents
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Step 9
Step 10