Handshake supports LDAP for single sign on.
Welcome to the single sign on setup process. Before we begin, it's worth noting that Handshake uses SSO to authenticate users only. Handshake does not support SSO for provisioning or updating account information.
To use LDAP authentication with Handshake follow the following steps:
Step 1: Send LDAP Server Details to Handshake
Ahead of setting up SSO please send Handshake's support team the IP addresses your LDAP servers are using. This step must be done before proceeding to test or logins will fail. At this time we only support a single Hostname (or IP) in your SSO Preferences, but can whitelist all IP's associated with that host on the backend. You can contact support here and ask to have your team's LDAP server IP(s) whitelisted.
*Note: when contacting support please mention your country / region
This whitelist process can take up to 72 hours from time of request, so please submit this request as soon as you've confirmed your LDAP server host.
Other notes:
-
We can whitelist multiple IP's on the backend if necessary, but these must align with the single "Host" value in your Handshake SSO Preferences.
-
If you have multiple IP's for your LDAP server, please provide a hostname that uses all of these, or narrow down your configuration to a single IP.
Step 2: Whitelist Handshake's IPs
To use LDAP you will need to whitelist Handshake's outgoing LDAP IPs. They are:
34.89.49.195
35.246.15.91
Step 3: Configure SSO Settings in Handshake
Setting up single sign on in Handshake is self service! After your career services admin has added you to Handshake, you can begin the SSO Setup and Testing.
You can do this while you wait for the IP addresses to be whitelisted but any testing will fail until this process has been completed.
You can find details about setting up SSO in-app here.
Note: You should not use any URLs or values you find on our US support articles as they will not work with the European version of Handshake.
All articles in this series: