👋 To make the SSO configuration with Factorial the person responsible for the SSO connection within the client company has to provide Factorial with a metadata file. Here are the instructions for the company.
How do I add a SAML provider with Google?
- Go to the Google Admin Console
- Click on web and mobile applications.
- Click on Add Application and then Add custom SAML Application
- On the new screen you’ll need to add the SAML application name, we suggest something like “Factorial SAML”, and you can add an optional description on identification image. Click on continue.
- You can skip the step number two, on step number three you’ll need to fill in the required fields according to this configuration:
**ACS URL (Assertion Consumer Service URL):**
**Name ID configuration
Name ID format:**
Basic Information > Primary email
Lastly, on the final step, add the mapping attributes according to this table
Google Directory attributes | App attributes**
Basic Information > Primary email | email
Basic Information > First name | given_name
Basic Information > Last name. | family_name
🚨If you don’t want to change the App attributes, you should provide us with the primary email, first name, and last name identifiers.
- Now you can click on the finish button and your new SAML application will be created.
- To allow members of your organization to be able to use this SAML application, there will be a User Access block that has a “Deactivated for everyone” by default. You’ll need to click on more details, and then Activate the service in the next screen.
- After doing this configuration you need to download the Metadata file and keep it in hand for the next steps.
- Go to the Company settings in Factorial, and click on the Set-up SAML SSO in the Single Sign-On section (You need to ask us to activate it, please reach out if you need this functionality).
- In the first step of the configuration, please add your company's domain. Add only the domain, for example, with email@example.com you would have to include only factorialhr.com. If your company has multiple domains, add them here as well.
- Finally, in the next step, drag and drop (or select on your computer) the downloaded Google Metadata XML file to the documents zone, after this, you can click on the Save configuration button and the SAML SSO should be activated.