How to set up SSO (SAML integration)

HireRoo supports SSO (Single Sign On) with SAML 2.0 for improved security. SSO can be enabled to access HireRoo via your Identity Provider (IdP).

Contract Plan: Enterprise

①IdP-side settings

The registration process varies depending on the IdP you are using; however, if your IdP supports SAML 2.0, it will work as usual.

②Configuration on the HireRoo side

After completing the settings on the IdP side, the following information is obtained.

  1. IdP's endpoint URL (SSO URL)
  2. Entity ID of the IdP (Issuer)
  3. Public key certificate (X.509 certificate)

Open "Security" from "Company Settings" respectively, and register the above information.


Next, configure the "Target Domain" and "Enable Forced Mode" settings.

  • The target domain is "hireroo.io" if the email address is "kosuke.kuzuoka@hireroo.io", and the user will be redirected to the IdP if the user holds the target domain upon sign-in.
  • When forced mode is enabled, users authenticating with an IdP other than the one specified by the company will be restricted from accessing the company account (except for administrators)

Confirming SSO Settings

  • After saving the settings, sign out from the icon in the upper right corner of the screen to confirm the settings, and then move to the sign-in screen.
  • Click the "Sign in with SSO (Single Sign On)" button to move to the screen for entering your e-mail address as shown in the figure below.
  • As shown in the figure below, when you are redirected to the IdP (Okta in this case), you can confirm that the settings have been made correctly. That is all.

スクリーンショット_2022-04-06_20.12.03