SAML-based Single sign-on (SSO) gives members access to Tellent through an identity provider (IdP) of your choice.
​
Tellent integrates with SSO providers that support SAML2 (Security Assertion Markup Language). We support integrating with the following SSO providers:

📌 Integrating with other SSO providers supporting SAML2 is possible but has to be configured on the customer’s end entirely. Customers have been successful in setting up SSO with Duo SSO, Shibboleth, OneLogin, Keycloak, and JumpCloud.

Check the following SSO provider-specific documentation with your IT team on how to set up an application for Tellent in your SSO provider.

Setting up SSO for your Tellent account results in the following changes:

Go to Company > SSO and write down your ACS URL and Entity ID. You can click on the Entity value to open dropdown and edit the Entity ID if needed.

In your SSO provider add an application for Tellent and generate a metadata XML file. Your provider will ask you for the ACS URL and might ask you for the Entity ID.

"Continue to next step" and upload your metadata XML file.

"Continue to next step" and choose apps and the role new users signed up with SSO will have access to.

💡 If you select a role that has restricted access to Recruitee jobs/talent pools, like Reviewer, you will have to assign jobs/talent pools to new users manually within Recruitee.

Click "Start testing SSO", paste the code that's been sent to your email, and click "Continue".

SSO is now configured in your organization in test mode - your team members can sign in with both SSO, and email and password.

Open the Sign-in URL and sign in using SSO, to ensure the configuration is correct. Once you determine the SSO is working correctly, click "Enable for everyone" to force everybody in your team to only sign in using SSO.

When you have SSO enabled in your account, you give and revoke access to team members in Tellent via your SSO provider. If a coworker has access to the Tellent application in your SSO provider, they'll be able to join your account.

You can also still add users via Tellent, however, make sure to grant them access to the Tellent application in your SSO provider as well.

⚠️ If you invite a person to Tellent that hasn't been granted access to the Tellent application in the SSO identity provider, this person will not be able to join your Tellent account.

When you add a new user to your SSO provider for Tellent, they will have the default access and roles that you selected while configuring SSO.

Based on these roles, the new team member will have access to your Tellent applications. You can change their roles in Tellent Admin Center, or the Recruitee jobs/talent pools they have access to, under Settings > Company > Team members.

Once added to the account, users have two different options to log in to Tellent.

1. Go to https://auth.tellent.com and select SSO.

2. Fill in your email address.

​📌 This is the email address you sign into your SSO provider with.

3. If you are already logged in to your SSO provider, you will be redirected to Tellent instantly.

If you aren't logged in to your SSO provider yet, you will first be directed to do so. If the login is successful you will be redirected to Tellent.

If you have your company’s direct Sign-in URL you can skip steps 1 and 2 above and sign in to your SSO provider directly.

A Sign-in URL looks like this: auth.tellent.com/sso/sign-in/[companyname]

If you want to remove a user from Tellent, you need to revoke their access rights in your SSO provider and delete them from Tellent.

If you don't revoke access to Tellent in your SSO provider, then the user may still be able to rejoin the account and access jobs.