Configuring SAML 2.0 SSO with Okta as IdP for Internal Candidates


Required Setup

Within Okta

  1. Create a SAML 2.0 Application Integration.
  2. Configure your SAML Settings with these required fields
  3. Single sign-on URL: Within Recruitment Marketing, copy the value from Company > Settings > SAML 2.0 - Candidates > Assertion Consumer Service URL.
  4. Audience URI (SP Entity ID): This value must exactly match the one configured in Company > Settings > SAML 2.0 - Candidates > Edit. We recommend the following format:
    https://internal-careers.org-name.com/
    OR
    https://internal-careers.careerpages.rec-marketing.dcx.pageuppeople.com
    For example:
    https://internal-careers.careerpages.rec-marketing.dc2.pageuppeople.com
    Note:
    • For multiple companies, ensure that the SP Entity ID is not duplicated across them. This matters if they need to be set up in one SSO vendor, because one cannot have multiple "apps" with identical SP Entity IDs.
    • The SP Entity ID must match verbatim between the Organisation SAML settings and your (the customer's) SSO platform.
  5. Name ID format: EmailAddress
  6. Application username: Email
  7. Attribute Statements
    1. first_name: user.firstName
    2. last_name: user.lastName
    3. email: user.email
  8. Save the SAML application.

  9. Provide your PageUp representative with the metadata URL.
  10. In Okta, under the General tab, scroll down to App Embed Link to obtain the URL for the candidate to log in.