In general, the external authentication process follows the SAML protocol provided by OASIS (more docs here https://wiki.oasis-open.org/security/FrontPage).
In practice both parties, here You and Recright, configure a trusted service to communicate with. Your Azure authentication service works as the identity provider and will be trusted by Recright. Next to this Recright functions as the Service provider and will be trusted by You.
Your end will be configured with the information provided by us. Once you have provided us with the asked information, we are able to configure our end. Once both ends are configured to trust each other, the authentication flow is open to be used by Your company’s users.
Benefits of SSO-login
Implementing SSO-login provides both usability and security advantages for Your organization. By centralizing authentication through Your identity provider, access to Recright becomes more efficient, secure, and easier to manage.
Key benefits include:
Simplified user access
Users can access Recright using their existing company credentials without the need to manage separate passwords.Centralized authentication control
All authentication requests are handled through Your identity provider, ensuring consistent enforcement of security policies.Improved security
Authentication is managed externally, reducing the need to store credentials and enabling support for features such as Multi-Factor Authentication (MFA).Reduced administrative overhead
Password-related support requests are minimized, and user access can be managed centrally through Your existing systems.Efficient user lifecycle management
Onboarding and offboarding processes are streamlined, as user access is tied to their organizational identity.
New User Registration
All new users need to register before they can login to Recright with the SSO. New user accounts are created with the following two ways;
1. New user registration: Adding new users from the user management of Recright
An admin user adds a new user from the user management by clicking the button “add new user”
Admin user fills in the email address of the new user and sets the desired user rights
New user will be sent a “Welcome to Recright”-email with the request of completing the registration
User completes the registration (=fills in the registration form)
After completing the registration, user can log in to Recright by using the SSO-login page of: https://www.recright.com/admin/sso-login
2. New user registration: Adding colleagues to the recruitment team of a video interview
An existing Recright user adds a new user* to the recruitment team of a video interview
New user will automatically be sent a “Welcome to Recright”-email with the request of completing the registration
New user completes the registration (=fills in the registration form)
After completing the registration, user is being redirected to the right video interview project
Login page for future login needs: https://www.recright.com/admin/sso-login
*In case the new user has a different email address (domain), the user is unable to use the SSO login and is requested to set a password as part of the registration process and use the normal login.
3. Login process with SSO
A user who wishes to use Recright, comes to https://new.recright.com/
User clicks: “Login”-button and a login screen opens
User clicks “SSO login”
After submitting an email address the user is redirected to Your company´s external authentication service. If the authentication is successful, the user is able to access recright.com.