Please note: Changing the login method to identity provider involves permanently deleting all existing members. Your team members will be automatically added to GoodAcces upon their first login. Currently added devices will be retained.
In case you have problem with login in with SSO (white page; Error: not_a_saml_app) try to clear your cookies and caches, then try to log in with SSO again. If the problem persists, please contact our support.
Step 1
In the GoodAccess Control Panel go to Settings, switch to the Login & Security tab and click on Okta.
Step 2
Gather the following details required in the next steps:
Entity ID
Assertion Consumer Service URL
Step 3
Go to Okta, navigate to Applications, and click Create App Integration.
Step 4
Choose SAML_2.0
Step 5
Name your app, upload a logo, and click Next.
Step 6
Fill out the SAML Settings and Attribute Statements
SAML Settings
Single Sign on URL - Assertion Consumer Service URL (Step 2)
Audience URI (SP Entity ID) - Entity ID (Step 2)
Default RelayState - Enter "/"
Name ID format - Choose "Unspecified"
Application username - Choose "Email"
Attribute Statements
Name - Enter "email"
Name format - Choose "Unspecified"
Value - Choose "user.mail"
Step 7
Choose one of the options and click Finish.
Step 8
Once you have created the new app, open its SAML configuration under the Sign-on tab.
Step 9
Gather the following details required in the next steps:
Identity Provider Single Sign-On URL
Identity Provider Issuer
Download certificate
Step 10
In the GoodAccess Control Panel enter the details from previous step as follows:
Sign in URL - Identiy Provider Single Sign-ON URL (Step 9)