Recruitment Marketing Public
Required Setup
To retrieve the necessary metadata for your setup, follow these steps:
- Log into your Recruitment Marketing console.
- From the side menu, under Organisation click Settings.
- Click on the SAML tab.
- Retrieve the URL from the SP Metadata URL field.
To set up the application manually follow the instructions below.
Within Okta
- Create a SAML 2.0 Application Integration.
- Configure your SAML Settings with these required fields
-
Single sign-on URL: Within Recruitment Marketing, copy the value from Organisation > Settings > SAML > Assertion Consumer Service URL.
-
Audience URI (SP Entity ID): This should be set to the full domain name of your new website with no protocols. Ensure what is being entered is an exact match with what is found in the Organisation > SAML. We recommend having it in the following format:
https://org-name.dcx.pageuppeople.com/
For example:
https://client-org.dc2.pageuppeople.com/
- Name ID format: EmailAddress
- Application username: Email
- Attribute Statements
-
Save the SAML application.
- Provide your PageUp representative with the metadata URL.
- In Okta, under the General tab, scroll down to App Embed Link to obtain the URL for the user to log in, and provide it to your PageUp’s representative.
- In Recruitment Marketing, navigate to Organisation > Settings > SAML and insert the URL into the iDP Launch URL field.
- Finally in Okta, you must assign users to the application from the Assignments tab.
-
Single sign-on URL: Within Recruitment Marketing, copy the value from Organisation > Settings > SAML > Assertion Consumer Service URL.
Within Recruitment Marketing
- Log into your Recruitment Marketing console.
- From the side menu, under Organisation click Settings.
- Click on the SAML tab.
- Click the Edit (pen) icon.
- Configure your Recruitment Marketing SAML Settings with these required fields:
- Sync settings from iDP Metadata: Select this option.
- iDP Metadata URL: Copy the value from Okta.
- SP Entity ID (Issuer): This must match the Okta Audience URI (SP Entity ID) which we suggest be set as the full domain name of your new website (i.e. careers.company.com), with no protocols.
- Save the settings which will return you to the SAML overview.
- Click Sync settings from iDP Metadata this will configure the SAML settings.
- To sign in using SAML simply copy the iDP SSO Target URL and sign in using your Okta credentials.
For a user to sign in successfully, a user must already exist in Recruitment Marketing with that email address. Alternatively, the "Enable provisioning of users from IdP" checkbox should be ticked in the SAML settings:
- From the side menu, under Organisation click Settings.
- Click on the SAML tab.
- Click the Edit (pen) icon.
- Tick the option Enable provisioning of users from iDP.
- Click Save.
Optional Setup
Syncing user roles from Okta
- Within Okta navigate to Directory > Profile Editor.
- Within the Okta User (first in the list), click Edit Profile.
- Click Add Attribute
- Complete the following:
- Display Name: e.g. PageUp Roles
-
Variable name: e.g. pageup_roles
- Description: e.g. PageUp Roles
- Data type: string_array
- Attribute required: Leave unchecked.
- User permission: Leave the default Read Only.
- Navigate to Okta's directory entry for the person who is attempting to log in.
- Edit their profile and add a new PageUp Role to their profile. For testing purposes, you can add “organisation_admin” as a single entry. For a full list of the available roles see: Configuring SAML 2.0 for Recruitment Marketing users
- Navigate to the Recruitment Marketing SAML 2.0 Application Integration.
- Edit your Okta SAML Settings to include the roles
- Add a new Attribute Statements
- roles: user.pageup_roles
- Add a new Attribute Statements
- Log back into Recruitment Marketing
- From the side menu, under Organisation click Settings.
- Click on the SAML tab.
- Click the Edit (pen) icon.
- Tick the option Enable syncing user roles/permissions from iDP.
- Click Save.
Comments
Article is closed for comments.