Other SSO Providers

Updated by Sean Welch

Want to use Single Sign-On for your Criteria account but your provider isn't Okta, OneLogin or Azure? No problem, we've got you covered.

Below are the configuration settings for our generic Single Sign-On integration.

Parameters needed

Criteria provided parameters

Please configure the following in your IdP:
  1. Entity ID (Audience URI) - urn:amazon:cognito:sp:us-east-1_tkdHRnjPD
  2. Assertion Consumer Service URL - https://hireselect.auth.us-east-1.amazoncognito.com/saml2/idpresponse

Customer provided parameters

We will be expecting the following attributes in your response:

  1. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    1. This should be the user’s email address.
  2. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
    1. This should be the user’s global unique identifier.
  3. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname
    1. This should be the user’s first name.
  4. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname
    1. This should be the user’s last name.

Setting up the integration

Once you’ve configured the above parameters, please contact our Support team and provide them with the following:

  1. SAML metadata xml file or URL
  2. The list of attribute mappings you configured

Our team will update your Criteria account and advise once we are ready to begin testing the integration. For next steps, please continue to our SSO How-to Guide.

How did we do?