Greenhouse Recruiting
Last reviewed: 3 months ago
This guide covers how to configure Greenhouse Recruiting ↗ as a SAML application in Cloudflare Zero Trust.
- An identity provider configured in Cloudflare Zero Trust
- Admin access to an Advanced or Expert Greenhouse Recruiting site
- In Zero Trust ↗, go to Access > Applications.
- Select Add an application > SaaS.
- For Application, enter
Greenhouse
and select the corresponding textbox that appears. - For the authentication protocol, select SAML.
- Select Add application.
- Copy the SAML Metadata endpoint.
- Keep this window open without selecting Select configuration. You will finish this configuration in step 4. Finish adding a SaaS application to Cloudflare Zero Trust.
- Paste the SAML Metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser.
- Follow your browser-specific steps to download the URL’s contents as an
.xml
file.
- In Greenhouse Recruiting, go to the Configure icon > Dev Center > Single sign-on.
- Copy the SSO Assertion Consumer URL.
- Under Upload XML file, select Choose a file, and upload the
.xml
file created in step 2. Download the metadata file. - Change the Entity ID to
greenhouse.io
. - Keep this window open without selecting Begin testing. You will finish this configuration in step 5. Test the integration and finalize configuration.
- In your open Zero Trust window, fill in the following fields:
- Entity ID:
greenhouse.io
- Assertion Consumer Service URL: SSO Assertion Consumer URL from SSO configuration in Greenhouse Recruiting.
- Name ID format: Email
- Entity ID:
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
- In your open Greenhouse Recruiting window, select Begin Testing > Proceed.
- Open an incognito browser window and go to your Greenhouse Recruiting URL. Choose the SSO login option. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
- Once SSO sign in is successful, go to the Configure icon > Dev Center > Single sign-on.
- Select Finalize Configuration.
- In the text field, enter
CONFIGURE
. - Select Finalize. Now, users will only be able to sign in with SSO.