[Deprecated] Azure AD (SAML) Setup for HRM SSO

NB: This document shows how to set up SAML2 integration directly in Talent Recruiter. This approach is deprecated and should not be used.

This page describes how to configure your Azure AD to support single sign-on to Talent Recruiter using SAML.


Add Enterprise application

Go to Enterprise applications and choose Non-gallery Application. This requires an Azure AD Premium subscription.


Go to the Single Sign-on configuration in the Getting Started menu.

Choose SAML as the sign-in method.

Setup SAML configuration

Choose "Upload metadata file" from the top menu and select the HRM metadata file for SSO, https://recruiter.hr-manager.net/saml.aspx?customer=<customer alias> (download it as XML or just enter the URL in the file entry field).

This fills in the Entity ID and Reply URL with the values from the metadata file.

Setup claims

Now go to User Attributes and Claims and add a new claim. Keep the default claims as they are.

The new claim should be named "mail" without the namespace, and the source attribute should be the attribute that holds the email address in your Azure AD. By default this is user.userprincipalname, or it can be user.mail.

You can check in the user profile where the email address is used in your Azure AD.


So your claims should look like this

Setup signing method

Now go to SAML Signing Certificate and choose edit.

Change the signing option to "Sign SAML response".


Your setup is now done. Copy the App Federation Metadata Url and send it to HRM Support so that we can upload the certificate and connect it with the Azure AD SSO setup.
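To confirm the claim and signing settings above, you can inspect a decoded SAML response from a test sign-in. The script below is an added example, not HRM or Microsoft code; the sample response and the function name check_response are constructed for illustration. It checks structure only and does not verify the signature cryptographically.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample: a trimmed, decoded SAML response (signature body elided).
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_constructed1">
  <ds:Signature><ds:SignedInfo/></ds:Signature>
  <saml:Assertion ID="_constructed2">
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
        <saml:AttributeValue>jane@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail">
        <saml:AttributeValue>jane@example.com</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""


def check_response(xml_text):
    """Return a list of setup problems found in a decoded SAML response."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return ["root element is not samlp:Response"]
    problems = []
    # "Sign SAML response" places ds:Signature directly under the Response element;
    # a signature found only inside the Assertion means a different signing option.
    if root.find("ds:Signature", NS) is None:
        problems.append("Response element is not signed")
    attrs = list(root.iterfind(".//saml:Attribute", NS))
    names = [a.get("Name") or "" for a in attrs]
    mail_values = [v.text or "" for a in attrs if a.get("Name") == "mail"
                   for v in a.iterfind("saml:AttributeValue", NS)]
    if "mail" not in names:
        namespaced = [n for n in names if n.endswith("/mail")]
        hint = " (found namespaced %s)" % namespaced[0] if namespaced else ""
        problems.append("no claim named exactly 'mail'" + hint)
    elif not any("@" in v for v in mail_values):
        problems.append("'mail' claim has no email-like value")
    return problems


if __name__ == "__main__":
    print(check_response(SAMPLE_RESPONSE) or "response matches the setup described above")
```

An empty result means the response carries a top-level signature element and a claim named exactly "mail" with an email-like value.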