Do you want to use single sign-on with Recruitee? In order to be able to use single sign-on with Recruitee, you need to have a pre-configured application with a supported authorization management platform. In this article, we explain how to do this for Google Workspace.
Create a new application for SSO in Google Workspace
1. Go to your Google Admin Console and click Apps.
2. Select SAML apps.
3. Click Add App > Add custom SAML app.
4. Under Step 1 of the pop-up, fill in an app name and click Continue.
5. In Step 2, download the IDP metadata file under Option 1. Click Continue.
6. In Step 3 add the following values:
ACS URL: https://auth.tellent.com/sso/sp/consume/YOUR_COMPANY_NAME
YOUR_COMPANY_NAME stands for your company subdomain from Recruitee (same that is used on your careers site) - it will be used for generating a unique SSO login URL for your users.Entity ID: tellent
Select the box for Signed Response
Name ID: Basic Information > Primary Email
Name ID Format: EMAIL
Note: If you need to turn on SSO for multiple accounts, please contact Support.
7. Under Step 4 click Add mapping and enter the following details: "email -Basic Information - Primary Email".
Optionally, you could also add mapping for First Name and Last Name. With this, users who register with your SSO-enabled company will have these fields pre-filled in the registration form. You can also add them later in SAML app settings. Click Finish when you are done.
8. Go to the new SAML App's overview and open the User access settings.
9. Set the SAML App for Recruitee as ON for everyone (or enable per user roles by clicking ON for some) and Save the choice.
10. Log into Recruitee and go to the Tellent Admin Center.
📌 If you don't see the Tellent Admin Center, make sure you are logged in via auth.tellent.com and that you have full permissions in your organisation.
11. In the Tellent Admin Center, click on "Set up SSO for your company".
12. Now click on "Continue to the next step".
13. Upload the XML file and click on "Continue to the next step".
14. Now enable the SSO for Recruitee and select the default role for new users. Click on "Start testing SSO" to finish the setup.
📌 After clicking on "Start testing SSO", then all users can sign-in with SSO, while the old login also remains accessible. When you're done testing, you can enable SSO for everyone, which means the old sign-in method will no longer work.
⚠️ It is possible to change a user's role within Recruitee after they signed up. If you select a role that has restricted access to jobs/talent pools, like Reviewer, you will have to assign jobs/talent pools to new users manually within Recruitee.