Teamtailor lets you use Single Sign-On (SSO) through SAML 2.0, an open standard data format for exchanging authentication and authorization information. This allows your team to log in to Teamtailor using their existing corporate credentials.
Once SSO is enabled, all users will have to log in via SSO. The ability to log in with an email and password will be disabled.
All users that is created via SSO are assigned the User role in Teamtailor.
Getting started
To activate SSO on your account send us a message in the chat or an email,
Information we need from you
- Metadata XML link
The link to your SAML metadata XML where we can read your settings to set up the SSO connection.
Or, if no Metadata XML is available;
- Identity Provider SSO Target URL
The URL that users will be redirected to when trying to sign in from Teamtailor, so that they can authenticate against your SSO server instead. - Identity Provider Certificate
Needed to verify that the request coming in with data to the auth endpoint on Teamtailor is coming from your system, and is not someone trying to spoof their way in.
Note that we expect you to send the name-id attribute in the persistent format; urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
Information you'll get from us
- Metadata XML link
The link to our SAML metadata XML where you can read our settings to set up the SSO connection. - A SAML 2.0 Endpoint
Redirect your users here to authenticate them in Teamtailor.
keywords: authority, authorization, authorize, authorized, authorisation, authorise, authorised,