How can we help you?

Submit a request
  1. Greenhouse Support
  2. Recruiting Integrations
  3. Single Sign On (SSO)

Azure Active Directory (Azure AD)

Last Updated On: 
Follow

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. In this article, we will cover how to:

Before proceeding, your organization will need the following items to configure the Greenhouse Recruiting and Azure AD integration:

  • Azure AD subscription
  • Greenhouse Recruiting subscription with single sign-on enabled.

Note: Single Sign-On (SSO) is included in the Greenhouse Recruiting Pro and Enterprise subscription tiers, or the Core subscription tier at an additional cost.

Before your organization can configure the integration, you need to add Greenhouse Recruiting from the gallery to your list of managed SaaS apps in Azure AD.

Click Azure Active Directory on the left-hand navigation panel in the Azure portal.

The Azure Active Directory button

Navigate to Enterprise applications and then click All applications.

The Enterprise applications blade

To add a new application, click + New application at the top of the dialog box.

The New application button

Search for Greenhouse from the provided search field and select Greenhouse from results. Click Add button to add the application.

Greenhouse in the results list

 

Configure and Test Azure AD Single Sign-On (SSO)

Once Greenhouse Recruiting is added to Azure AD, you are ready to configure and test single sign-on.

On the Greenhouse Recruiting application integration page in the Azure portal, click Single sign-on.

Configure single sign-on link

On the Single sign-on dialog box, select SAML-based Sign-on from the Single Sign-on dropdown menu to enable single sign-on.

Single sign-on dialog box

From the Greenhouse Domain and URLs section, input the following information:

Note: Please replace <companyname> with a value that you would like to use for your company's subdomain.

Greenhouse Domain and URLs single sign-on information

Azure AD's default attributes givenname and surname will need to be changed to User.FirstName and User.LastName. To change these attributes,

  • Delete the default givenname and surname attributes.
  • Add a new attribute from Attribute tab and name it User.FirstName. Select the value from the drop-down menu as user.givenname. Remove the Namespace.
  • Add a new attribute from the Attribute tab and name it User.LastName. Select the value from the drop-down menu as user.surname. Remove the Namespace.

azure.png

From the SAML Signing Certificate section, click Metadata XML and then save the metadata file on your computer.

The Certificate download link

Click the Save button.

Configure Single Sign-On Save button

To configure single sign-on in Greenhouse Recruiting, you need to send the downloaded Metadata XML to the  Greenhouse support team.

Tip: You can now read a concise version of these instructions inside the Azure portal, while you are setting up the app! After adding this app from the Active Directory > Enterprise Applications section, simply click the Single Sign-On tab and access the embedded documentation through the Configuration section at the bottom. You can read more about the embedded documentation feature here: Azure AD embedded documentation

 

Assign Users to Greenhouse Recruiting in Azure AD

In the Azure portal, open the applications view, and then navigate to the directory view.

Navigate to Enterprise applications and then click All applications.

Assign User

In the applications list, select Greenhouse.

The Greenhouse link in the Applications list

In the menu on the left, click Users and groups.

The "Users and groups" link

Click Add button. Then select Users and groups on Add Assignment dialog.

The Add Assignment pane

On Users and groups dialog, select the appropriate users in the Users list.

Click Select button on Users and groups dialog.

Click Assign button on Add Assignment dialog.