Set up Azure Active Directory (Azure AD) with Greenhouse Onboarding

Permissions: Owners

Product tier: Available for Greenhouse Onboarding and Greenhouse Welcome subscription tiers

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. You can set up single sign-on (SSO) with Azure AD to authenticate users logging in to Greenhouse Onboarding and Greenhouse Welcome.

For information on setting up Azure AD SSO for Greenhouse Recruiting, click here.

Enter your SSO credentials in Greenhouse Onboarding

Before you can connect Greenhouse Onboarding with Azure AD, you'll need to create a SAML configuration in Greenhouse Onboarding and enter the following identity provider details:

  • Single Sign-On URL
  • IdP Certificate Fingerprint (in SHA1 format)
  • Single Logout URL (optional)

Note: Your Single Log-out (SLO) URL is only needed if your organization wants to use SLO requests with your SAML provider.

Open Greenhouse Onboarding and navigate to Settings Data Flow Authentication.

If this is your first time setting up SSO with Greenhouse Onboarding, click Generate SAML configuration.

On the Authentication page, enter your SSO URL, IdP certificate fingerprint, and single logout URL in their corresponding fields.

Mark the checkbox above the Save button to indicate that your organization uses Azure AD as an Identity Provider.

Click Save.

Fields-in-Greenhouse-Onboarding-Authentication-page-to-fill-out-with-SSO-credentials.png

When you're finished, reach out to Greenhouse Support to turn on your SAML configuration setup.

Before closing Greenhouse Onboarding, copy your organization's SSO Assertion Consumer URL and Entity ID/Issuer from the Authentication page. You'll need these details later during Azure AD setup.

Connect Greenhouse Onboarding in your Azure AD platform

Once you've set up your SAML configuration in Greenhouse Onboarding, it's time to set up the integration in Azure AD. Follow the below steps to connect Greenhouse Onboarding in Azure AD.

Create a new Enterprise application in Azure AD

Note: Do not use the pre-configured Greenhouse tile on the Azure marketplace. Create a custom tile for your new Greenhouse Onboarding setup. 

Navigate to the Azure AD platform and click All applications on the left panel.

Click the + New application tab on the All applications page. 

Screenshot-of-browsing-the-azure-gallery.png

Select Create your own application and configure the following settings:

  • Enter Greenhouse Onboarding under What's the name of your app?
  • Under What are you looking to do with your application?, select Integrate any other application you don't find in the gallery (Non-gallery)

Screenshot-of-create-your-own-applciation-window.png

Name the application Greenhouse Onboarding

Click Single sign-on on the Greenhouse Onboarding application integration page.

Click the SAML tile to enable Single Sign-On on the next page. 

Screenshot-of-SAML-option.png

Edit SAML configuration, user attributes, & claims in Azure AD

Next, you will need to edit your Basic SAML Configuration and User Attributes & Claims.

Click the Edit Icon_-_Edit__redesign_.pngicon to edit the Basic SAML Configuration. 

Screenshot-of-basic-SAML-configuration-settings.png

In the Basic SAML Configuration panel, enter the below information:

  • Identifier (Entity ID): Enter your Entity ID/Issuer from Greenhouse Onboarding, app.parklet.co
  • Reply URL (Assertion Consumer Services URL): Enter your SSO Assertion Consumer URL from Greenhouse Onboarding, https://onboarding.greenhouse.io/saml/{uid}/consume 
    • The bracketed section includes your Greenhouse Onboarding unique identifier (UID).
  • Sign-on URL: Leave this field blank

Note: If you are using the pre-configured marketplace tile, the Sign-on URL cannot be left blank. To complete the setup, create a new custom tile for the Greenhouse setup. 

Click Save when finished.

Assign users to Greenhouse Onboarding in Azure AD

In the Azure portal, open the applications view and navigate to the directory view.

Navigate to Enterprise applications in the left panel and click All applications.

Screenshot-of-enterprise-applications-and-all-applications-navigation.png

In the applications list, select the Greenhouse Onboarding application you created above.

Screenshot-of-Greenhouse-enterprise-application.png

In the left menu, click Users and groups.

Screenshot-of-users-and-groups-menu-item.png

Click the + Add user button.

Screenshot-of-user-search-results.png

Click the Users option and select your desired users. 

Screenshot-of-searching-for-users.png

After you select the users, choose a role. 

Screenshot-of-add-assignment-fields.png

Click Select button on Users and groups window.

Click Assign button on Add Assignment window.