Implementing SAML 2.0 for Internal Candidates in Clinch Talent
Clinch Talent uses SAML 2.0 to implement Single Sign-On for internal candidates / employees. The benefits of single sign-on in Clinch include:
- Candidates are always known, even without filling out a CTA.
- You can lock content to internal candidates only.
To activate Single Sign-On using SAML 2.0 for your employees, please see below.
Open up the left menu and go to Settings > Company.
Then, click 'SAML 2.0 - Candidates' in the right menu.
Bearing in mind the following definitions, fill out the resulting form. N.B. “iDP Certificate” is the public certificate from your enterprise identity provider.
The following fields will be available from the IT team that runs your Identity Provider (iDP) system:
- Assertion Consumer Service URL
- iDP SSO Target URL
- iDP Certificate
- Suggested clock drift as Clinch Talent and iDP systems do not share the same NTP server.
The following fields should be set to the full domain name of your new website (e.g. careers.company.com), with no protocol:
- iDP Entity ID
- SP Entity ID
Ensure that the 'Mark as internal Candidates / Employees' option is checked.
Restricting content to internal candidates only
To activate this security option, go to Web Pages in the top / left menu and click into the campaign that houses the relevant content.
Click the pencil icon to edit the campaign settings.
Ensure the 'Restrict to SAML2 authenticated internal candidates' box is checked.