- Overview
- Configuration
BambooHR
Enhance BambooHR security with SSO and advanced MFA options
BambooHR is cloud-based human resources management software that streamlines HR processes such as employee data management, recruitment, and performance tracking for small to mid-sized businesses. Integrating ADSelfService Plus with BambooHR allows users to seamlessly access the platform through secure SSO, enhancing the overall user experience.
One-click access
Enable users to access BambooHR effortlessly with a single click through SSO.
Enhanced user security
Strengthen security measures by implementing FIDO2, biometrics, and other advanced authentication methods.
Passwordless authentication
Facilitate a smoother workforce experience by allowing passwordless access to BambooHR.
Configuring SAML SSO for BambooHR
These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and BambooHR
Prerequisite
- Log in to ADSelfService Plus as an administrator.
- Navigate to Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select BambooHR from the applications displayed. Note: You can also find BambooHR application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
- Click IdP details in the top-right corner of the screen.
- In the pop-up screen that appears, note down the Login URL value.
- Download the certificate file by clicking Download Certificate link. Open the file in a text editor and copy its content.
BambooHR (Service Provider) configuration steps
- Now, log in to your BambooHR administrator account.
- In the topright corner, click the Apps icon.
- Scroll down to the Single Sign-On section, and select SAMLv2.0.
- Click Install. You’ll be taken to the SAML Single Sign-On settings page.
- In the SSO Login URL field, enter the Login URL value you had noted down in Step 4 of Prerequisite.
- In the x.509 Certificate field, paste the certificate (PEM) file content you had copied in Step 5 of Prerequisite.
- Click Install.
- Now go to Settings. Note down the Company URL displayed under Account Info.
ADSelfService Plus (Identity Provider) configuration steps
- Now, switch to ADSelfService Plus’ BambooHR configuration page.
- Enter the Application Name and Description.
- In the Assign Policies field, select the policies for which SSO need to be enabled. Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
- Select Enable Single Sign-On.
- Enter the Domain Name of your BambooHR account. For example, if you use johndoe@bamboohr.com to log in to BambooHR, then bamboohr.com is the domain name.
- In the SP Identifier field, enter the company name you had noted down in Step 8 of BambooHR configuration.
- In the Name ID Format field, choose the format for the user login attribute value specific to the application. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application
- Click Add Application
Your users should now be able to sign in to BambooHR through ADSelfService Plus.