Please note: Changing the login method to identity provider involves permanently deleting all existing members. Your team members will be automatically added to GoodAcces upon their first login. Currently added devices will be retained.
In case you have problem with login in with SSO (white page; Error: not_a_saml_app) try to clear your cookies and caches, then try to log in with SSO again. If the problem persists, please contact our support.

Step 1

In the GoodAccess Control Panel go to Settings, switch to the Login tab, select Login with an identity provider, and click on Universal.
Step 1: Selecting your identity provider

Step 2

Gather the following details to be used later:
  • Entity ID
  • Assertion Consumer Service URL
  • Login URL
  • Relay State
Step 2: Gathering details to be used later

Step 3

In JumpCloud Admin Portal go to User Authentication > SSO, then click ( + ). In the new window select Custom SAML App
Step 3: Adding new application in JumpCloud Admin Portal

Step 4

In General Info tab enter name of the application and select logo.
In SSO tab enter details from step 2.
  • IdP Entity ID - Choose a name
  • SP Entity ID - Enter Entity ID
  • ACS URL - Enter Assertion Consumer Service URL
  • SAMLSubject NameID - Select email
  • Default Relay State - "/" (enter slash)
  • Login URL -
Step 4: Entering details from GoodAccess. Other columns are on the bottom of the SSO tab.

Step 5

In User Groups tab select the group of users who will have access to the application and click Activate.
Users without permissions for GoodAccess won't be able to login.
Step 5: Selecting group of users and activating the application.

Step 6

  1. 1.
    Select the application, navigate to SSO tab, click on Export Metadata and save the .xml file.
  2. 2.
    Navigate to bottom of the SSO tab and gather IdP URL.
Step 6-1: Exporting Metadata
Step 6-2: Gathering IdP URL

Step 7

  1. 1.
    In GoodAccess Control Panel, copy IdP URL into Sign In URL.
  2. 2.
    Open the .xml file and copy the Entity ID and X509 Certificate.
  3. 3.
    Confirm with Save changes.
Step 7-1: Entering IdP URL, Entity ID and X506 Certificate
Step 7-2: Gathering Entity ID and X506 certificate from .xml file.

Step 8

That's all! You can now login to GoodAccess using JumpCloud.