SSO Setup for Okta

SAML Single Sign-On (SSO) enables users to use one set of login credentials to access multiple applications, such as Bullhorn and Email. This article will outline the steps for configuring SSO for Microsoft Okta. If you're looking to configure a different SSO provider, see the SSO Setup Instructions page.

Steps

  1. Go to your Okta administrative site.
  2. Click the Applications tab, then select Add Application.
  3. Click Create New App.
  4. Select SAML 2.0.
  5. In the App Name field fill out an appropriate name, for example "Bullhorn - SAML".
  6. Add a logo if desired, click Next.
  7. Find your version of Bullhorn.
  8. Use your version to enter the appropriate URL in the Single Sign on URL field:
    • For Bullhorn Novo, enter "https://universal.bullhornstaffing.com/universal-login/login".
    • For S Release, enter "https://www.bullhornstaffing.com/BullhornStaffing/SAML/Login.cfm".
  9. In the Recipient URL field, enter "https://universal.bullhornstaffing.com/universal-login/login".
  10. In the Destination URL field, enter "https://universal.bullhornstaffing.com/universal-login/login".
  11. In the Audience Restriction field, enter "http://www.bullhornstaffing.com".
  12. In the Audience URI (SP Entity ID) field, enter "https://welcome.bullhornstaffing.com".
  13. Select the Name ID Format (email address).
  14. Select the Application Username (email).
  15. Click Next.
  16. Click Finish.
  17. At the Sign On tab, click the View Setup Instructions button.
  18. Use this tab to provide Bullhorn with the following information:
    • Identity Provider Single Sign-On URL
    • Identity Provider Issuer
    • X.509 Certificate

SSO User Enablement

After setting up your specific provider, SSO must be enabled for each user. You can grant user access individually or in bulk with assistance from Bullhorn Support.

You must be a Bullhorn Administrator to complete these steps.

Single User

Follow these steps to grant user access individually.

  1. Navigate to MenuAdmin > Users.
  2. Click the Pencil icon to the left of the user to enable.
  3. In the Account Information section, from the Identity Provider drop-down, select your new client provider.
  4. In the new ATS Name ID field that appears, enter the Name ID of the user. Usually, this is their email address.
  5. If the user should also have access to SSO via their mobile device, select the Separate mobile Identity Provider check box.
  6. Click Save.

En Masse

Bullhorn can enable multiple users en masse by using a CSV file provided by you.

  1. Navigate to MenuAdmin > Users.
  2. Click Select an ActionGenerate User List.
  3. Change the Format to Excel 2000 and then click Generate Report.
  4. Open the downloaded file and edit it to only include users you want enabled.
    • Remove all API users or any that shouldn't have SSO access.
  5. Rename the Login Name column to User.
  6. Delete all other columns.
  7. Click FileSave As.
  8. Select This PC as the location and change the file type to CSV (Comma delimited) (*.csv).
  9. Click Save.
  10. Send this file to Bullhorn Support.