Set up Azure Active Directory (Azure AD) with Greenhouse Onboarding

Permissions: Owners

Product tier: Available for Greenhouse Onboarding and Greenhouse Welcome subscription tiers

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. You can set up single sign-on (SSO) with Azure AD to authenticate users logging in to Greenhouse Onboarding and Greenhouse Welcome.

For information on setting up Azure AD SSO for Greenhouse Recruiting, click here.

Enter your SSO credentials in Greenhouse Onboarding

Before you can connect Greenhouse Onboarding with Azure AD, you'll need to provide the following identity provider details:

  • Single Sign-On URL
  • IdP Certificate Fingerprint (in SHA1 format)
  • Single Logout URL (optional)

Note: Your Single Log-out (SLO) URL is only needed if your organization wants to use SLO requests with your SAML provider.

Open Greenhouse Onboarding and navigate to Settings Data Flow Single Sign-On.

Single Sign On page in Greenhouse Onboarding Settings

On the Single Sign-On page, enter your SSO URL, IdP certificate fingerprint, and single logout URL in their corresponding fields.

Mark the checkbox above the Save button to indicate that your organization uses Azure AD as an Identity Provider.

Click Save.

Step Two of Single Sign On configuration in Greenhouse Onboarding Settings with Azure AD checkbox marked

When you're finished, reach out to Greenhouse Technical Support to turn on your SAML configuration setup.

Before closing Greenhouse Onboarding, copy your organization's SSO Assertion Consumer URL and Entity ID/Issuer from the Single Sign-On page. You'll need these details later during Azure AD setup.

Connect Greenhouse Onboarding in your Azure AD platform

Once you've set up your SAML configuration in Greenhouse Onboarding, it's time to set up the integration in Azure AD. Follow the below steps to connect Greenhouse Onboarding in Azure AD.

Create a new Enterprise application in Azure AD

Note: Do not use the pre-configured Greenhouse tile on the Azure marketplace. Create a custom tile for your new Greenhouse Onboarding setup. 

Navigate to the Azure AD platform and click All applications on the left panel.

Click the + New application tab on the All applications page. 

Screenshot-of-browsing-the-azure-gallery

Select Create your own application and configure the following settings:

  • Enter Greenhouse Onboarding under What's the name of your app?
  • Under What are you looking to do with your application?, select Integrate any other application you don't find in the gallery (Non-gallery)

Screenshot-of-create-your-own-applciation-window

Name the application Greenhouse Onboarding

Click Single sign-on on the Greenhouse Onboarding application integration page.

Click the SAML tile to enable Single Sign-On on the next page. 

Screenshot-of-SAML-option

Edit SAML configuration, user attributes, & claims in Azure AD

Next, you will need to edit your Basic SAML Configuration and User Attributes & Claims.

Click the Edit Icon_-_Edit__redesign_icon to edit the Basic SAML Configuration. 

Screenshot-of-basic-SAML-configuration-settings

In the Basic SAML Configuration panel, enter the below information:

  • Identifier (Entity ID): Enter your Entity ID/Issuer from Greenhouse Onboarding, app.parklet.co
  • Reply URL (Assertion Consumer Services URL): Enter your SSO Assertion Consumer URL from Greenhouse Onboarding, https://onboarding.greenhouse.io/saml/{uid}/consume 
    • The bracketed section includes your Greenhouse Onboarding unique identifier (UID).
  • Sign-on URL: Leave this field blank

Note: If you are using the pre-configured marketplace tile, the Sign-on URL cannot be left blank. To complete the setup, create a new custom tile for the Greenhouse setup. 

Click Save when finished.

Assign users to Greenhouse Onboarding in Azure AD

In the Azure portal, open the applications view and navigate to the directory view.

Navigate to Enterprise applications in the left panel and click All applications.

Screenshot-of-enterprise-applications-and-all-applications-navigation

In the applications list, select the Greenhouse Onboarding application you created above.

Screenshot-of-Greenhouse-enterprise-application

In the left menu, click Users and groups.

Screenshot-of-users-and-groups-menu-item

Click the + Add user button.

Screenshot-of-user-search-results

Click the Users option and select your desired users. 

Screenshot-of-searching-for-users

After you select the users, choose a role. 

Screenshot-of-add-assignment-fields

Click Select button on Users and groups window.

Click Assign button on Add Assignment window.