How can we help you?

I use Azure AD for SSO. How do I enable the integration with Greenhouse?

* Please note that SSO is not available for organizations in Greenhouse on our Core subscription tier.

 

Prerequisites

To configure Azure AD integration with Greenhouse, you need the following items:

  • An Azure AD subscription
  • A Greenhouse single sign-on enabled subscription
 

To configure the integration of Greenhouse into Azure AD, you need to add Greenhouse from the gallery to your list of managed SaaS apps.

To add Greenhouse from the gallery, perform the following steps:

  1. In the Azure portal, on the left navigation panel, click Azure Active Directory icon.

    The Azure Active Directory button

  2. Navigate to Enterprise applications. Then go to All applications.

    The Enterprise applications blade

  3. To add new application, click New application button on the top of dialog.

    The New application button

  4. In the search box, type Greenhouse, select Greenhouse from result panel then click Add button to add the application.

    Greenhouse in the results list

Configure and test Azure AD single sign-on

In this section, you enable Azure AD single sign-on in the Azure portal and configure single sign-on in your Greenhouse application.

To configure Azure AD single sign-on with Greenhouse, perform the following steps:

  1. In the Azure portal, on the Greenhouse application integration page, click Single sign-on.

    Configure single sign-on link

  2. On the Single sign-on dialog, select Mode as SAML-based Sign-on to enable single sign-on.

    Single sign-on dialog box

  3. On the Greenhouse Domain and URLs section, perform the following steps:

    Greenhouse Domain and URLs single sign-on information

    a. In the Sign-on URL textbox, type a URL using the following pattern: https://<companyname>.greenhouse.io

    b. In the Identifier textbox, type a URL using the following pattern: https://<companyname>.greenhouse.io

    Note: Please replace <companyname> with a value that you would like to use for your company's subdomain. If you aren't sure what value to use for this URL, contact the Greenhouse support team to get these values.

  4. Azure's default "givenname" and "surname" attributes will need to be changed to "User.FirstName" and "User.LastName." To do that, take the following steps:

    a. Delete the default "givenname" and "surname" attributes. 
    b. Add a new attribute from "Attribute" tab and name it "User.FirstName." Select the value from the drop-down menu as "user.givenname". Remove the Namespace.
    c. Add a new attribute from the "Attribute" tab and name it "User.LastName." Select the value from the drop-down menu as "user.surname". Remove the Namespace.

    azure.png
  5. On the SAML Signing Certificate section, click Metadata XML and then save the metadata file on your computer.

    The Certificate download link

  6. Click Save button.

    Configure Single Sign-On Save button

  7. To configure single sign-on on Greenhouse side, you need to send the downloaded Metadata XML to Greenhouse support team.

Tip: You can now read a concise version of these instructions inside the Azure portal, while you are setting up the app! After adding this app from the Active Directory > Enterprise Applications section, simply click the Single Sign-On tab and access the embedded documentation through the Configuration section at the bottom. You can read more about the embedded documentation feature here: Azure AD embedded documentation

 

Assign users to the Greenhouse application in Azure

  1. In the Azure portal, open the applications view, and then navigate to the directory view and go to Enterprise applications then click All applications.

    Assign User

  2. In the applications list, select Greenhouse.

    The Greenhouse link in the Applications list

  3. In the menu on the left, click Users and groups.

    The "Users and groups" link

  4. Click Add button. Then select Users and groups on Add Assignment dialog.

    The Add Assignment pane

  5. On Users and groups dialog, select the appropriate users in the Users list.

  6. Click Select button on Users and groups dialog.

  7. Click Assign button on Add Assignment dialog.