How can we help you?

Azure Active Directory (Azure AD)

all_tiers.png

Note: Greenhouse Recruiting no longer supports creating a custom subdomain. 

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. In this article, we will cover how to:

Before proceeding, your organization will need the following items to configure the Greenhouse Recruiting and Azure AD integration:

  • Azure AD subscription
  • Greenhouse Recruiting Advanced or Expert subscription (includes Single Sign-On feature)

 

To add the Greenhouse Recruiting application to Azure AD, you will first need to obtain your ACS URL from Greenhouse Recruiting.

In Greenhouse Recruiting, navigate to Configure Configure.png Dev Center Single Sign-On. From the Single Sign-On page, click Copy next to the SSO Assertion Consumer URL field. Save this information to add in Azure AD in a later step.

Copy_ACS_URL.png

Navigate to the Azure AD platform and click All applications on the left-hand panel. From the All applications page, click the + New application tab.

1_all_apps.png

From the Add an application page, search for Greenhouse. Select Greenhouse from the list of results. 

2_add_new_app.png

From the Greenhouse Add app page, click Add

3_add_ghr.png

From the Greenhouse Recruiting application integration page, click Single sign-on. From the subsequent page, click the SAML tile to enable Single Sign-On. 

mceclip0.png

Next, you will need to edit Basic SAML Configuration and User Attributes & Claims. Click the Edit icon Screen_Shot_2019-06-05_at_10.07.11_AM.png to edit Basic SAML Configuration:

5.png

Fill out the values:

  • Identifier (Entity ID): greenhouse.io
    • Please note there is no https://
  • Reply URL (Assertion Consumer Services URL): Enter the ACS URL copied from Greenhouse Recruiting previously
  • Sign-on URL: https://app.greenhouse.io

Click Save when finished.

Click the Edit icon Screen_Shot_2019-06-05_at_10.07.11_AM.png to edit User Attributes & Claims:

7.png

Delete all attributes except user.mail, user.givenname, user.surname by clicking ellipses > Delete.

8.png

Note: Please proceed if you run into this error when deleting a value
qw.png

Click into user.givenname to manage user claim and edit the following then Save:

Name: User.FirstName
Namespace: delete the value so it is empty
Source attribute: user.givenname 

as.png 

Click into user.surname to manage user claim and edit the following then Save:

Name: User.LastName
Namespace: delete the value so it is empty
Source attribute: user.surname

er.png

Click into user.mail to manage user claim and edit the following then Save:

Name: nameID
Namespace: delete the value so it is empty
Source attribute: user.mail

df.png

From the SAML Signing Certificate section, click Metadata XML and then download the metadata file on your computer.

ty.png

After downloading the XML file, follow the steps outlined here to finish enabling Single Sign-On in Greenhouse Recruiting. 

Tip: You can now read a concise version of these instructions inside the Azure portal, while you are setting up the app! After adding this app from the Active Directory > Enterprise Applications section, simply click the Single Sign-On tab and access the embedded documentation through the Configuration section at the bottom. You can read more about the embedded documentation feature here: Azure AD embedded documentation

 

Assign Users to Greenhouse Recruiting in Azure AD

In the Azure portal, open the applications view, and then navigate to the directory view.

Navigate to Enterprise applications and then click All applications.

Assign User

In the applications list, select Greenhouse.

5_edit_greenhouse_app.png

In the menu on the left, click Users and groups.

6_users_groups.png

Click the + Add user button.

7_all_users.png

Click Users to select the appropriate users. 

8_add_users_1.png

Add the appropriate users, then assign a role. 

9_add_users_2.png

 

Click Select button on Users and groups dialog.

Click Assign button on Add Assignment dialog.