As a first step, configure the Single Sign-on (SSO) on the parent account following these instructions: Using SSO with Teamtailor. The setup will be added to the connected child accounts too, so there is probably some additional setup you need to do, let’s look at them one by one:
The inherited settings include the SSO Auto-join domain(s). This is the domain/s used to identify which company account(s) a user should be signed in to when signing in via the Teamtailor general login page.
If you use other domains than the one automatically fetched (for example specific domains for specific child accounts), please reach out to your Customer Success Manager or our support via chat or at email@example.com, and we will help you configure it.
Please also reach out in case you would like support to add
Create new users on different company accounts with Company mapping
By default, new users will be created on the parent account the first time they log in using SSO. To make sure users are being created, and thereby given access, to the correct Teamtailor account, we support User mapping.
Please see the table below to better understand the information requested when adding your mapping:
The company account in Teamtailor that the user should be created on
The attribute provided by your Identity Provider (IdP)
The value or values provided by your Identity Provider (IdP) that will determine the Target company in Teamtailor
Also good for you to know is that:
a Source value can be connected to several Target companies to allow a user to be created on several accounts upon first login
several Source values can be connected to one Target company
users can always be invited manually by a Company Admins to be given access to certain accounts within the Group
Additional SSO configurations
Configure additional SSO for company accounts within the Group
In some cases, one or several of the child accounts may have their own IdP or SSO setup that you would like them to use. In those cases, our support or your CSM will help you to configure the setup. In order to do so, please provide them with the following information:
Unfortunately, we currently do not support Role mapping or Exclusion of individual users from SSO login for the child accounts within our Group solution.