Integrate GoTo applications with Conditional Access

In this topic, you will find general instructions on how to integrate GoTo applications with Portnox™ Conditional Access for Applications.

Create a Portnox Cloud application configuration

In this step, you will create a configuration in Portnox Cloud that will contain all the information necessary to integrate with GoTo.

Important: Before configuring an identity provider in GoTo, you must create your organization by adding your company domain to the list of Email domains in GoTo and confirm ownership of that domain, for example, by adding a TXT record to your DNS configuration.
  1. In a new tab of your browser, open your Portnox Cloud account by accessing the following URL: https://clear.portnox.com/

    From now on, we will call this tab the Portnox tab.

  2. In the Cloud portal top menu, click on the Applications option.

  3. On the APPLICATIONS screen, click on the Add new SAML application button.

  4. Optional: If you have more than one SAML identity provider configured, select the identity provider in the Select an identity provider to use for this application section.
  5. In the Application details section, enter an Application name and optionally a Description.

    In this example, we used the name GoTo for the new application configuration but you can use any name you like.

  6. Keep this browser tab open. You will need it later.

Open your GoTo organization center

In this section, you will access your GoTo organization center and find the settings for identity providers.

  1. In another tab of your browser, open your GoTo Organization Center page by accessing the following URL: https://organization.logmeininc.com/index.html#identity.

    From now on, we will call this tab the GoTo tab.

  2. In the How would you like to configure your SAML IDP? field, select the Manual option.

Copy configuration values from the Portnox tab to the GoTo tab

In this section, you will copy the values displayed by Portnox Cloud and paste them in the relevant fields in the GoTo identity provider setup section.

  1. In the Portnox tab, in the Service details section, click on the  ⧉  icon next to the Identity Provider Entity ID / Audience URI field to copy the value.

  2. In the GoTo tab, click on the empty field under the Identity Provider Entity ID label and paste the value copied from Portnox Cloud.

  3. In the Portnox tab, in the Service details section, click on the  ⧉  icon next to the Sign-In URL / SSO URL field to copy the value.

  4. In the GoTo tab, click on the empty field under the Sign-in page url label and paste the value copied from Portnox Cloud.

  5. In the Portnox tab, in the Service details section, click on the  ⧉  icon next to the Certificate field to copy the value.

  6. In the GoTo tab, click on the empty field under the Verification certificate label and paste the value copied from Portnox Cloud.

Enter configuration values in the Portnox tab

In this section, you will enter configuration values in the relevant fields in Portnox Cloud.

  1. In the Portnox tab, in the Application properties section, click on the empty field under the Entity ID / Service Provider Entity URL heading and enter the following value: https://authentication.logmeininc.com/saml/sp.

  2. In the Portnox tab, in the Application properties section, click on the empty field under the Assertion Consumer Service (ACS) URL / Reply URL heading and enter the following value: https://authentication.logmeininc.com/saml/acs.

Finalize the configuration

In this section, you will finalize the configuration in Portnox Cloud and GoTo.

  1. Finalize the configuration in the Portnox tab.
    1. Optional: In the POLICY ASSIGNMENTS section, change the setting to Application-based and then select an access control policy and a risk assessment policy if you want to control access to this application without using groups.
    2. Scroll all the way down to the end of the page, and then click on the Save button.

  2. Finalize the configuration in the GoTo tab.
    1. Click on the Save button.

Result: You have configured GoTo to be accessible using Portnox Conditional Access for Applications.

Note: To enforce Conditional Access for GoTo, you must contact GoTo support to create an exclusion list. This exclusion list will only apply to users with a Member role. GoTo does not provide the option to prevent Admins and Super Admins from logging in with their credentials.