Configuring SAML 2.0 SSO with Entra ID as iDP for Internal Candidates

Recruitment Marketing Public

The following guide explains how Entra ID (formerly Azure AD) can be configured for Single sign-on using SAML. This needs to be completed before PageUp can configure any further.

  1. Navigate to the Azure Portal.
  2. Navigate to Enterprise applications.
  3. Click Create your own application.
    1.EnterpriseApplication.png
  4. Enter a meaningful Name e.g. PageUp Internal Careers.
    entra - create your own application
  5. Click Create.

  6.  Navigate to Single single-on.

    entra - single sign-on
  7. Click the SAML single-sign on method.
    entra - single sign on method
  8. In the Basic SAML Configuration section, click Edit.
    entra - edit basic saml configuration
  9. Enter the Identifier (Entity ID), ensuring it is the exact match with the SP Entity ID configured in Company > Settings > SAML 2.0 - Candidates > Edit. We recommend having it in the following format: 
    https://internal-careers.org-name.com/
    OR
    https://internal-careers.careerpages.rec-marketing.dcx.pageuppeople.com
    For example:
    https://internal-careers.careerpages.rec-marketing.dc4.pageuppeople.com
    Note:
    • For multiple companies, ensure that the SP Entity ID is not duplicated across. This is to mitigate if they need to be set up in one SSO vendor, as one could not have multiple "apps" with identical SP Entity IDs.
    • The SP Entity ID must be verbatim matched between what’s set up in the Organisation SAML settings and in your (the customer's) SSO platform.
    rm candidate saml settings.png
  10. Enter the Reply URL (Assertion Consumer Service URL) as found in Recruitment Marketing > Company > Settings > SAML 2.0 - Candidates > Assertion Consumer Service URL.
    rm candidate saml settings assertion consumer service url.png
    entra - reply URL
  11. Set the Attributes & Claims to send:
    1. first_name
    2. last_name
    3. email
      rm candidate sso entra id attributes and claims.png

      rm candidate sso entra id attributes and claims additional claims.png
  12. Send the App Federation Metadata URL to your PageUp representative.
    entra id - App Federation Metadata URL.png
  13. In Entra ID, obtain the User access URL for the user to log in.
    entra - user access url

Comments

0 comments

Article is closed for comments.