Do you want to use Single Sign-on in Recruitee? In order to be able to use Single Sign-on in Recruitee, you need to have an already configured application on a supported authorization management platform. In this article we explain how to do this for Okta.
Create a new application for SSO in Okta
1. Go to your Admin Dashboard in Okta and click Add Applications.
2. Click on Create New App.
3. In the pop-up select SAML 2.0 as the sign on method and click Create.
4. Under App name type in a relevant name for the new application (Recruitee is recommended as the Application Name) and click Next.
5. In the SAML Settings add the following values:
- Single sign on URL: https://auth.recruitee.com/sso/sp/consume/YOUR_COMPANY_NAME YOUR_COMPANY_NAME stands for your company subdomain from Recruitee - it will be used for generating a unique SSO login URL for your users.
- Select the box for Use this for Recipient URL and Destination URL
- Audience URI (SP Entity ID): recruitee
- Name ID Format: EmailAddress
6. Under the Attribute Statements section of the SAML setting, add the next 3 attribute statements:
- first_name set to "user.firstName"
- last_name set to "user.lastName"
- email set to "user.email"
Note: the mappings for first_name and last_name are optional. If you provide these, users who register in your SSO-enabled company will have these fields pre-filled in the registration form. You can also add them later in the SAML app settings.
7. Click Next to continue with configuring the new application.
8. Fill in additional details about your app and click Finish.
9. In the app overview go to the Sign On tab and click on the Identity Provider metadata link. Save this page as an XML file.
10. After this login to Recruitee and go to Settings > Company Settings > SSO.
11. Select the default role for new users and upload the XML file under Upload file and SSO request.
Important: It is possible to change a user's role within Recruitee after they signed up. If you select a role that has restricted access to jobs/talent pools, like reviewer, you will have to assign jobs/talent pools to new users manually within Recruitee.
12. Recruitee Support will contact you on when to activate your Single Sign-on integration.
13. In your Okta account add or assign users, or a group of users, to the app to give them access to your SSO-enabled company in Recruitee.
Read more on SSO configuration in Okta support docs.