How can we help you?

Azure Active Directory (Azure AD)

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. In this article, we will cover how to:

Before proceeding, your organization will need the following items to configure the Greenhouse Recruiting and Azure AD integration:

  • Azure AD subscription
  • Greenhouse Recruiting subscription with single sign-on enabled.

Note: Single Sign-On (SSO) is included in the Greenhouse Recruiting Pro and Enterprise subscription tiers, or the Core subscription tier at an additional cost.

Before your organization can configure the integration, you need to add Greenhouse Recruiting from the gallery to your list of managed SaaS apps in Azure AD.

Click Azure Active Directory on the left-hand navigation panel in the Azure portal.

The Azure Active Directory button

Navigate to Enterprise applications and then click All applications.

The Enterprise applications blade

To add a new application, click + New application at the top of the dialog box.


Search for Greenhouse from the provided search field and select Greenhouse from results. Click Add button to add the application.



Configure and Test Azure AD Single Sign-On (SSO)

Once Greenhouse Recruiting is added to Azure AD, you are ready to configure and test single sign-on.

On the Greenhouse Recruiting application integration page in the Azure portal, click Single sign-on.

Configure single sign-on link

From the subsequent page, select SAML to enable single sign-on


Next, you will need to edit Basic SAML Configuration and User Attributes & Claims. Click the Edit icon Screen_Shot_2019-06-05_at_10.07.11_AM.png to edit Basic SAML Configuration:


Fill out the values:

Note: Please replace {subdomain} with a value that you would like to use for your company's subdomain.


Click Save when finished.

Click the Edit icon Screen_Shot_2019-06-05_at_10.07.11_AM.png to edit User Attributes & Claims:


Delete all attributes except user.mail, user.givenname, user.surname by clicking on ellipses > Delete.


Note: Please proceed if you run into this error when deleting a value


Click into user.givenname to manage user claim and edit the following then Save:

Name: User.FirstName
Namespace: delete the value so it is empty
Source attribute: user.givenname 


Click into user.surname to manage user claim and edit the following then Save:

Name: User.LastName
Namespace: delete the value so it is empty
Source attribute: user.surname


Click into user.mail to manage user claim and edit the following then Save:

Name: nameID
Namespace: delete the value so it is empty
Source attribute: user.mail


From the SAML Signing Certificate section, click Metadata XML and then download the metadata file on your computer.


To configure single sign-on in Greenhouse Recruiting, you need to send the downloaded Metadata XML to the  Greenhouse support team.

Tip: You can now read a concise version of these instructions inside the Azure portal, while you are setting up the app! After adding this app from the Active Directory > Enterprise Applications section, simply click the Single Sign-On tab and access the embedded documentation through the Configuration section at the bottom. You can read more about the embedded documentation feature here: Azure AD embedded documentation


Assign Users to Greenhouse Recruiting in Azure AD

In the Azure portal, open the applications view, and then navigate to the directory view.

Navigate to Enterprise applications and then click All applications.

Assign User

In the applications list, select Greenhouse.

The Greenhouse link in the Applications list

In the menu on the left, click Users and groups.

The "Users and groups" link

Click Add button. Then select Users and groups on Add Assignment dialog.

The Add Assignment pane

On Users and groups dialog, select the appropriate users in the Users list.

Click Select button on Users and groups dialog.

Click Assign button on Add Assignment dialog.