Azure Active Directory (Azure AD) Single-sign On setup for Greenhouse Onboarding

Permissions: Basic users and above, who can manage and configure SSO

Product tier: Available for Advanced and Expert subscription tiers

Note: Please reach out to Greenhouse Technical Support to start your setup for Azure SSO for Greenhouse Onboarding

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. You can set up Single Sign-On (SSO) for Greenhouse Onboarding by following the steps in this article. 

For information on setting up Azure SSO for Greenhouse Recruiting, click here.

In this article:

Before proceeding, your organization will need the following items to configure the Greenhouse Onboarding and Azure AD integration:

  • Azure AD subscription
  • The following details for your identity provider:
    • IdP Certificate Fingerprint
    • Your SSO URL
    • [Optional] Your SLO (Single Log Out) URL
  • Greenhouse Onboarding subscription (includes Single Sign-On feature)

Note: Your Single Log-out (SLO) URL is only needed if your organization wants to use SLO requests with your SAML provider.

Create a new Enterprise application in Azure AD platform

Note: Do not use the pre-configured Greenhouse tile on the Azure marketplace. Create a custom tile for the new Greenhouse setup. 

Navigate to the Azure AD platform and click All applications on the left-hand panel.

Click the + New application tab on the All applications page. 

Screenshot-of-browsing-the-azure-gallery.png

Select Create your own application and choose the following options:

  • Name: Greenhouse Onboarding
  • What are you looking to do with your application: Integrate any other application you don't find in the gallery (non-gallery)

Screenshot-of-create-your-own-applciation-window.png

Name the application Greenhouse Onboarding

Click Single sign-on on the Greenhouse Onboarding application integration page.

Click the SAML tile to enable Single Sign-On on the next page. 

Screenshot-of-SAML-option.png

Edit SAML configuration and User Attributes & Claims

Next, you will need to edit Basic SAML Configuration and User Attributes & Claims.

Click the Edit Icon_-_Edit__redesign_.pngicon to edit Basic SAML Configuration. 

Screenshot-of-basic-SAML-configuration-settings.png

Enter the below information

SAML configuration

  • Identifier (Entity ID): app.parklet.co
    • Please note there is no https:// at the beginning of the Entity ID.
  • Reply URL (Assertion Consumer Services URL): https://onboarding.greenhouse.io/saml/ [Greenhouse Onboarding Unique Identifier] /consume
    • You'll need to replace the bracketed section above with your Greenhouse Onboarding unique identifier (UID). Click here to contact Greenhouse Support and retrieve your UID. 
  • Sign-on URL: Leave blank

Note: If you are using the pre-configured marketplace tile, the Sign-on URL cannot be left blank. To complete the setup, create a new custom tile for the Greenhouse setup. 

Click Save when finished.

Assign users to Greenhouse Onboarding in Azure AD

In the Azure portal, open the applications view, and navigate to the directory view.

Navigate to Enterprise applications on the left side of the page and click All applications.

Screenshot-of-enterprise-applications-and-all-applications-navigation.png

In the applications list, select the Greenhouse application you created.

Screenshot-of-Greenhouse-enterprise-application.png

In the menu on the left, click Users and groups.

Screenshot-of-users-and-groups-menu-item.png

Click the + Add user button.

Screenshot-of-user-search-results.png

Click the Users option and select the correct users. 

Screenshot-of-searching-for-users.png

After you select the users, choose a role. 

Screenshot-of-add-assignment-fields.png

Click Select button on Users and groups window.

Click Assign button on Add Assignment window.