Recruitment Marketing Public
Required Setup
Within Okta
- Create a SAML 2.0 Application Integration.
- Configure your SAML Settings with these required fields
- Single sign-on URL: Within Recruitment Marketing copy the value from Organisation > Settings > SAML > Assertion Consumer Service URL.
- Audience URI (SP Entity ID): should be set to the full domain name of your new website (i.e. careers.company.com), with no protocols.
- Name ID format: EmailAddress
-
Attribute Statements
- first_name: user.firstName
- last_name: user.lastName
- Save the settings.
- Navigate to SAML Signing Certificates and view the IdP metadata for the active certificate.
- Copy the URL from your browser, this is the IdP metadata URL and will be required in the Recruitment marketing SAML Settings.
- Finally in Okta you must assign users to the application from the Assignments tab.
Within Recruitment Marketing
- Navigate to Organisation > Settings > SAML > Edit ✎
- Configure your Recruitment Marketing SAML Settings with these required fields
- Sync settings from iDP Metadata.
- iDP Metadata URL: Copy the value from Okta.
- SP Entity ID (Issuer): This must match Okta Audience URI (SP Entity ID) which we suggest to be set as the full domain name of your new website (i.e. careers.company.com), with no protocols.
- Save the settings which will return you to the SAML overview.
- Click Sync settings from iDP Metadata this will configure the SAML settings.
- To sign in using SAML simply copy the iDP SSO Target URL and sign in using your Okta credentials.
Note: For a user to sign in successfully, a user must already exist in Recruitment Marketing with that email address. Alternatively the "Enable provisioning of users from IdP" checkbox should be checked in Recruitment Marketing > Organisation > Settings > SAML > Edit ✎
Optional Setup
Syncing user roles from Okta
- Within Okta navigate to Directory > Profile Editor.
- Within the Okta User (first in list), click Edit Profile.
- Click Add Attribute
- Complete the following:
- Display Name - for example: PageUp Roles
-
Variable name - for example: pageup_roles
Note: the "user." prefix will be added by Okta after saving - Description - for example PageUp Roles
- Data type - string_array
- Attribute required - leave unchecked
- User permission - leave the default Read Only
- Navigate to Okta's directory entry for the person who is attempting to log in.
- Edit their profile and add a new PageUp Role to their profile. For testing purposes, you can add “organisation_admin” as a single entry. For a full list of the available roles see: Configuring SAML 2.0 for Recruitment Marketing users
- Navigate to the Recruitment Marketing SAML 2.0 Application Integration.
- Edit your Okta SAML Settings to include the roles
- Add a new Attribute Statements
- roles - user.pageup_roles
- Add a new Attribute Statements
- Within Recruitment Marketing navigate to Organisation > Settings > SAML > Edit ✎
- Enable syncing user roles/permissions from iDP - click to enable
Comments
Article is closed for comments.