To enable SSO, please reach out to support[at]talentwall.io and provide the following:
- Entity ID
- SSO Target URL
- SAML Certificate
- If you want new users to be auto-provisioned.
- If you want to force users to use SSO only and not through a separate password.
- What default permissions are needed for each user, which can be found here if you are an admin: https://app.talentwall.io/account/users
The default permissions are "yes" or "no" for the following:- View all hired: Checking this allows the user to see any candidates marked as hired in Greenhouse. Otherwise, if this is unchecked, the user would only be able to see hires for roles they have access to in Greenhouse.
- Read-only: Read-only means that the user can only view what's in TalentWall, but not make any changes. (Moving a candidate to another stage for example.)
- View analytics: This is "all-or-nothing" access that would allow users to see all data in Analytics, regardless of their permissions in Greenhouse. (But they would not be able to see
names of candidates for roles they do not have access to in Greenhouse.)
TalentWall's settings are:
Entity ID: https://www.talentwall.io
Endpoint: https://app.talentwall.io/users/auth/saml/callback
Once SSO is set up, users can then log into TalentWall through the SSO provider app, or by the SSO link: https://app.talentwall.io/sso/[slug]
For Okta customers, please do not use the TalentWall app that is in the catalogue as it is now outdated. Create a new app as follows:
Then configure the following:
Endpoint: https://app.talentwall.io/users/auth/saml/callback
Entity ID: https://www.talentwall.io
Name ID format: EmailAddress
Application Username: Email
You can also refer to the Okta documentation for setting up SSO.
If you're using Google for SSO, then use the following:
Entity ID: https://www.talentwall.io
Endpoint URL - https://app.talentwall.io/users/auth/saml/callback?account=SLUG