Permissions: Basic users and above, who can manage and configure SSO
Product tier: Available for Advanced and Expert subscription tiers
Note: Please reach out to Greenhouse Technical Support to start your setup for Azure SSO for Greenhouse Onboarding
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. You can set up Single Sign-On (SSO) for Greenhouse Onboarding by following the steps in this article.
For information on setting up Azure SSO for Greenhouse Recruiting, click here.
In this article:
Before proceeding, your organization will need the following items to configure the Greenhouse Onboarding and Azure AD integration:
- Azure AD subscription
- The following details for your identity provider:
- IdP Certificate Fingerprint
- Your SSO URL
- [Optional] Your SLO (Single Log Out) URL
- Greenhouse Onboarding subscription (includes Single Sign-On feature)
Note: Your Single Log-out (SLO) URL is only needed if your organization wants to use SLO requests with your SAML provider.
Create a new Enterprise application in Azure AD platform
Note: Do not use the pre-configured Greenhouse tile on the Azure marketplace. Create a custom tile for the new Greenhouse setup.
Navigate to the Azure AD platform and click All applications on the left-hand panel.
Click the + New application tab on the All applications page.
Select Create your own application and choose the following options:
- Name: Greenhouse Onboarding
- What are you looking to do with your application: Integrate any other application you don't find in the gallery (non-gallery)
Name the application Greenhouse Onboarding.
Click Single sign-on on the Greenhouse Onboarding application integration page.
Click the SAML tile to enable Single Sign-On on the next page.
Edit SAML configuration and User Attributes & Claims
Next, you will need to edit Basic SAML Configuration and User Attributes & Claims.
Click the Edit icon to edit Basic SAML Configuration.
Enter the below information
- Identifier (Entity ID): app.parklet.co
- Please note there is no https:// at the beginning of the Entity ID.
- Reply URL (Assertion Consumer Services URL): https://onboarding.greenhouse.io/saml/ [Greenhouse Onboarding Unique Identifier] /consume
- You'll need to replace the bracketed section above with your Greenhouse Onboarding unique identifier (UID). Click here to contact Greenhouse Support and retrieve your UID.
- Sign-on URL: Leave blank
Note: If you are using the pre-configured marketplace tile, the Sign-on URL cannot be left blank. To complete the setup, create a new custom tile for the Greenhouse setup.
Click Save when finished.
Assign users to Greenhouse Onboarding in Azure AD
In the Azure portal, open the applications view, and navigate to the directory view.
Navigate to Enterprise applications on the left side of the page and click All applications.
In the applications list, select the Greenhouse application you created.
In the menu on the left, click Users and groups.
Click the + Add user button.
Click the Users option and select the correct users.
After you select the users, choose a role.
Click Select button on Users and groups window.
Click Assign button on Add Assignment window.