Setting up HackerRank Single Sign-On with Azure AD

Overview

SSO (Single Sign-on) on HackerRank for Work can be configured using efficient and productive Identity providers such as Azure AD.

You can log in to HackerRank through Azure AD. Create, update, and deactivate user accounts through SCIM 2.0.

Prerequisites

• Obtain your SSO Unique ID by referring to the Getting Started with Single Sign-On
• Replace the ID in the URLs below where you find: "YOURSSOUNIQUEID"
• Keep these URLs available for the setup.
  • Entity ID https://www.hackerrank.com/x/api/v1/sso/saml/YOURSSOUNIQUEID/metadata
  • ACS/Reply URL - https://www.hackerrank.com/x/api/v1/sso/saml/YOURSSOUNIQUEID/acs
  • Sign-on URL - https://hackerrank.com/work/home
  • Logout URL - https://www.hackerrank.com/x/api/v1/sso/saml/YOURSSOUNIQUEID/logout

Note:  HackerRank accepts only the user's email address. HackerRank SSO fails if it receives anything other than an email address.

Configuring the SSO on Azure

1. Navigate to the customer's Azure Portal: https://portal.azure.com
2. Goto Enterprise Applications -> New Application.
3. Click Create your own application. Add a name to the app.
4. Select Integrate any other application you don't find in the gallery (Non-gallery).
5. Click Set up single sign-on (Located on the left pane) -> SAML.
6. Using the URLs from step 1 (Seen above), you can either create and upload a metadata file and then upload or manually enter the URLs from step 1 of the instructions as seen in step 7.
7. If metadata has been uploaded, ensure the Identity ID, Reply URL, Logout URL, and
   Sign-on URLs are correct.
8. If you are entering the URLs manually, click Edit on Basic SAML Configuration and enter the URLs from step 1 manually.
   
9. Click to save.
10. Verify the attributes as the sample below. 
    Download the Federation Metadata XML.
11. Upload the metadata file to HackerRank.

Adding Users to the Group

• This step varies from organization to organization, depending on their security policy.
• You can click on Users and Groups and add users or groups to provide access to this app.

Testing the SSO Integration

The SSO integration can be tested in two ways:

• Copying the HackerRank SSO Link from Step 2, and trying it in a private or incognito window.
• Clicking Enable SSO and test the single sign-on from the Azure Portal.

Note: For the second way of testing on the Azure Portal, ensure that you do not close the SSO page while testing. In case the setup is not successful, you can disable SSO on the same page.

References

• Configuring SAML Single Single Sign-On (SSO) for Azure AD Users
• Tutorial: Azure Active Directory single sign-on (SSO) integration with OpenAthens - Microsoft Entra
• Quickstart: Add an enterprise application  - Microsoft Entra