Contact Menu

User Management

Active Users

Where to find: Click on your Name (top right) - Account Preferences - User Management - Active Users

All of your active users are listed here. To receive a more comprehensive view, you can filter your active users for locations and departments as well as searching for names and email addresses. If one of your users is no longer active, you can deactivate them by clicking the button “Deactivate”. The role of each user can be changed easily as well.

Admin: has access to all “Account Settings” and also has the functions of a Recruiter and Talent Scout.

Recruiter: is able to create jobs and edit referrals.

Talent Scout: can only see jobs and refer candidates.

201707_Screenshot_User_Management_CA__ENG_.jpg

 

Pending Invitations

Where to find: Click on your Name (top right) - Account Preferences - User Management - Pending Invitations

If you would like to send a reminder to invited users, simply click on the button “Resend” to invite them again. Use the function "Revoke" to cancel an invitation you have sent.

201707_Screenshot_Pending_Invitations_CA__ENG_.jpg

 

Registration Page

Where to find: Click on your Name (top right) - Account Preferences - User Management - Registration Page

Use our registration link to invite an unlimited number of Talent Scouts to your Firstbird account quickly and easily. With just one click, your link is ready to share over the intranet or company messenger, for example.

 

Activate Registration Page

Go to your "Account Preferences""User Management" and then to Link to activate your registration link. If you’re happy about allowing all email domains (e.g.: gmx.atgmail.comfirstbird.com etc.) to access your Firstbird company account, please proceed by clicking the button "Activate", and your link is ready for sharing (click the button "Copy").

As long as the star (*) in the field "Allowed Domains" appears, there is no restriction on using different email domains for registration.

201708_Registration_Page_CA__ENG_.jpg

If you would like to limit the registration to your company account only to your employees, you can enter at “Allowed domains” only your company domain. We at Firstbird would enter only our email domain firstbird.com.

Of course it’s possible to enter multiple domains separated by commas, such as gmx.atgmail.comfirstbird.com, etc.

When you’re satisfied with your changes, please click the button “Save changes” or "Activate" to update the settings of your registraiton link.201708_Registration_Page_CA_1__ENG_.jpg

 

Deactivate Registration Page

To stop the registration flow via the registration link, simply click next to the registration link the function “Deactivate”. Instead of the registration page, the user will see the following:

201708_Registration_Page_CA_3__ENG_.jpg

As soon as you’re ready to invite new Talent Scouts, click the button “Activate” and new Talent Scouts are able to register at your company account and will see the following:

201708_Registration_Page_CA_2__ENG_.jpg

The registration link stays always the same and does not need to be changed.

  

Invite new Users via Firstbird

Where to find: Click on Company Name - Account Preferences - User Management - Invite new users

To invite new users, click the button "Invite New Users" and a window will pop up. Next, choose the role of the users you would like to invite and their language. You can send your future Talent Scouts a personal message by clicking the function "Add a personal message" and entering in a nice welcome message.

If you would like to invite more recruiters or Talent Scouts simultaneously, simply copy and paste their email addresses from an Excel file and paste them at the field “Enter email*” (don't forget a comma, semicolon, space, tab or line break between each email address) and click on the button "Invite".

 

Configuration of sign-on with SAML

SAML-based single sign-on (SSO) allows users access to Firstbird through an identity provider (IdP) of your choice.

Setup of your Firstbird account (SP configuration)


If you want to use SSO for your company account, you must first send us a support request to support@firstbird.com with the subject: "SSO configuration".

Please note!
The condition is that the SSO option is included in your contract.

After that, our team will activate SSO for your account and will provide you with our metadata XML. Next, you must set up your IdP with the options described in section "Settings to include".
Once you have completed this, please send us the metadata XML of your IdP in your support request.

We will then store the configuration in our system accordingly.
After that, a member of our support staff will call you to verify the configuration and test it together with you.


Settings for the configuration of your Identity Provider


Follow these parameters to set up a user-defined SAML connection.

Access rights

Firstbird supports Identity Provider (IdP) Initiated Flow, Service Provider (SP) Initiated Flow, and Just-in-Time provisioning.
For SP-initiated sign-on, go to https://yourdomain.1brd.com/login.

POST-binding URL for the Single Sign-On (SSO)

https://yourdomain.auth.1brd.com/saml/callback
(Also known as the Assertion Consumer Service URL)

Entity ID

https://yourdomain.auth.1brd.com/saml/sp

SAML logout endpoint

Firstbird currently does not support Single Logout.

Important notice

Firstbird supports HTTP POST binding. You can configure the HTTP POST binding in the IdP metadata. Your IdP must ensure a user is both authenticated and authorized before sending a request. If a user is not authorized, requests should not be sent.

 

Settings to include


NameID (mandatory field)

<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">your-unique-identifier</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData InResponseTo="c1ad3f1a-8533-41eb-a5dc-542335eba020" NotOnOrAfter="2018-08-14T07:04:58Z" Recipient="https://yourdomain.auth.1brd.com/saml/callback"/>
</saml:SubjectConfirmation>
</saml:Subject>

Please note!
To meet the SAML specifications the NameID must be unique.

 

Email attribute (required)

<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">

<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">your.user@yourdomain.com</saml:AttributeValue>
</saml:Attribute>



First-name attribute (optional)

This element contains an AttributeValue element indicating the user’s first name.

<saml:Attribute Name="first_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml:AttributeValue>
</saml:Attribute>

Last-name attribute (optional)
This element contains an AttributeValue element indicating the user’s last name.

<saml:Attribute Name="last_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml:AttributeValue>
</saml:Attribute>

 

SessionDuration attribute (optional)

This element contains an AttributeValue element indicating how long the user can access Firstbird via mobile app before the user must sign on again. This value is an integer indicating the number of seconds for the session. The value must be at least 1,200 seconds (20 minutes). If the attribute SessionNotOnOrAfter of the AuthnStatement is also set, the lower value of the two attributes will be used.

When none of these two attributes is available, the sign-on information will apply for a period of 30 days.

<saml:Attribute Name="https://auth.1brd.com/saml/attributes/sessionduration">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">86400</saml:AttributeValue>
</saml:Attribute>

 

Certificates


Public certificate for signing SAML assertions

Firstbird requires that SAML assertions are signed and that a valid X.509 .pem certificate is stored at Firstbird to verify your identity.

Public certificate for the encryption of the SAM assertions

Firstbird uses the encryption of SAML assertions per default. You will find the public X.509 certificate in our metadata XML that you will receive from our support after your request.

 

Summary

  1. Send us a request to support@firstbird.com with the subject: “SSO configuration"
  2. We will send you the SP metadata XML
  3. You configure your IdP
  4. You send us your IdP metadata XML
  5. We complete the configuration of the SSO for your account and test the process together with you

 

 

Invitation Emails are sent to SPAM

Read more to learn which actions you can set to avoid emails from Firstbird being sent to SPAM.

If it takes time to implement our suggested actions and you would like to start inviting users to your Firstbird company account, you can use our invitation link.

You can easily copy this invitation link into an email and send it via your company email provider to the new Firstbird users.

This will help you to gain time to set the actions, and your invitations will not be sent to SPAM.

In the event of emails continuing to be sent to SPAM, please be so kind as to get in touch with our support via support@firstbird.com.

 

Delete Users

Where to find: Click on your Name (top right) - Account Preferences - User Management - three dots next to Role - Actions 

As soon as a user (Administrator, Recruiter or Talent Scout) does not wish to be part of Firstbird anymore or has left the company, he/she can be deleted from Firstbird by an Administrator.

All activities performed by this user will be anonymized after successful deletion. Depending on his/her role in Firstbird, the name of such user will be replaced either by "a Talent Scout" or "a Recruiter".

Login your Firstbird Account and go to "Account Preferences" and next to "User Management". Under "Active Users" choose the one you would like to delete and click the function "Deactivate" to make the function "Delete" visible. As soon as you have clicked the function "Delete", a new window will pop up and you can confirm your decision by clicking the button "Delete".

Recruiters and Administrators can only be deleted if they are not a contact person in active jobs. If they are, an information window will pop up when you try to delete them. Replace the Recruiter you would like to delete in all active jobs (as well in jobs saved under "Hidden") or archive the jobs if they are not needed anymore.

 

Please note

You can only delete a Recruiter or an Administrator when they are not a contact person of an active job (published and hidden).

201707_Screenshot_deactivate_delete_RT_1_CA__ENG_.jpg

 

Please go ahead as follows before you will be able to delete a Recruiter or Administrator:

  • change the contact person of an active job,
  • archive all active jobs in which the user you would like to delete is the contact person.

 

 

Multi-Factor-Authentication (MFA)

As the Administrator of your Firstbird company account, you are able to disable “MFA” in your "Account settings" - "User management" for single user. To do so, please click the “3 points” on the far right of the specific user. If the user enabled "MFA" you are able to disable it.

"MFA" FAQs

Why is there a feature for disabling "MFA" for a single user?

In connection with "MFA", a user needs a number code for the Firstbird account login, which is generated by an authenticator app on the smartphone. In the event of the Talent Scout being no longer in possession of his smartphone (on account of theft or loss), you can easily disable "MFA" for this user to recover access to his Firstbird account with his chosen password only.

 

Change User Role

Where to find: Click on your Name (top right) - Account Preferences - User Management - Active Users

To change a user’s role, go to your “Account Preferences” and next to “User Management”.

At “Active User” you will find a column designated as “Role”, where you can filter for Talent Scouts, Recruiters or Admins in your Firstbird account. Furthermore, you can change the role of each user here. Accordingly, click on the little arrow next to the user’s role and a drop down menu will appear where you choose the new role.

 

If you would like to change the role of a Recruiter, please make sure, that this Recruiter is not a “Contact Person” of an active or hidden job. You will receive a notification if you try to change the role of a Recruiter who is a “Contact Person” in an active or hidden job.

There are two possible solutions:

  1. You change the “Contact Person” in all active or hidden jobs or

  2. you archive all jobs where the Recruiter is the “Contact Person”.

Our filter “Contact Person” will help you to find the jobs of the Recruiter you’re looking for.