In Google Admin Console

1. Go to the Google Admin Console
2. Click on web and mobile applications

3. Click on Add Application and then Add custom SAML Application

 

4. Add the SAML application name
5. Click on Continue

6. Skip the step number two
7. On step number three fill in the required fields according to this configuration:

**ACS URL (Assertion Consumer Service URL):**
  https://factorial-production.auth.eu-central-1.amazoncognito.com/saml2/idpresponse

**Entity ID:**
  urn:amazon:cognito:sp:eu-central-1_Y8iEmyaEp

**Name ID configuration
  Name ID format:**
    UNSPECIFIED

**Name ID:**
  Basic Information > Primary email

8. Add the mapping attributes according to this table:

**Atribute mappings

  Google Directory attributes             |    App attributes**

	Basic Information > Primary email       |    email
	Basic Information > First name          |    given_name
	Basic Information > Last name.          |    family_name

9. Click on Finish and your new SAML application will be created.

To enable members of your organization to use this SAML application, there is a User Access block that is initially set to "Deactivated for everyone" by default. To activate the service for your organization, click on "More details" and then activate it.

10. Download the Metadata file 
 

In Factorial

1. On your sidebar, go to Settings
2. In General, click on Company details
3. Scroll down until you find Single Sign On (SSO)
4. Click on Set-up SAML SSO
5. Add your Company's domain: add only the domain, for example, with hello@factorialhr.com you would have to include only factorialhr.com. If your company has multiple domains, add them here as well.
6. Click on Next step
7. Enable Google
8. Drag and drop (or select on your computer) the downloaded Metadata XML file
9. Click on Save configuration