💡 To make the SSO configuration with Factorial the person responsible for the SSO connection within the client company has to provide Factorial a metadata file.
In Okta Admin panel
- Go to Okta's admin panel
- Click on Applications
- Click on Create app integration
![Untitled (14)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(14).png)
4. Select SAML 2.0
![Untitled (15)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(15).png)
5. Add the App name
6. On the App visibility check, mark Do not display application icon to users
💡 You can configure later the integration with the dashboard if needed.
7. Update the configuration fields according to these values:
**Single sign on URL:**
<https://factorial-production.auth.eu-central-1.amazoncognito.com/saml2/idpresponse>
**Audience URI (SP Entity ID):**
urn:amazon:cognito:sp:eu-central-1_Y8iEmyaEp
**Attribute statements
Name** <http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress>
**Name format** URI Reference
**Value** user.email
![Untitled (16)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(16).png)
8. Select I'm an Okta customer adding an internal app
9. Click on Finish
![Untitled (17)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(17).png)
10. In the newly generated application, go to Assignments tab
11. Assign people or groups to this SAML configuration
💡 The users you add here will be the ones who can log in via SAML SSO.
![Untitled (18)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(18).png)
12. Go back to General tab
13. On the bottom right side, click on View SAML setup instructions
![Untitled (19)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(19).png)
14. In here, go to the bottom of the page and copy the Optional IDP metadata.
To complete the process, you will need to create a file on your computer and add the provided XML contents to it. The file can have any name, but it must have the .xml extension (e.g., factorial_saml.xml).
![Untitled (20)](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20(20).png)
In Factorial
- On your sidebar, go to Settings
- In General, click on Company details
- Scroll down until you find Single Sign On (SSO)
- Click on Set-up SAML SSO
- Add your Company's domain: add only the domain, for example, with hello@factorialhr.com you would have to include only factorialhr.com. If your company has multiple domains, add them here as well.
- Click on Next step
- Enable Okta
- Drag and drop (or select on your computer) the downloaded Okta Metadata XML file
- Click on Save configuration
![Untitled copy](https://4960096.fs1.hubspotusercontent-na1.net/hubfs/4960096/Untitled%20copy.png)