In Azure portal
1. Click on Enterprise Applications
2. Click on New application
3. Click on Create your own application
4. Fill Input name with Factorial SAML and select Integrate any other application you don't find in the gallery (Non-gallery).
5. Go to Single sign-on
6. Create a SAML provider
7. Update the configuration fields according to this:
**Identifier (Entity ID)**:
urn:amazon:cognito:sp:eu-central-1_Y8iEmyaEp
**Reply URL (Assertion Consumer Service URL)**:
https://factorial-production.auth.eu-central-1.amazoncognito.com/saml2/idpresponse
**Sign on URL (Remember to update your [CompanyName]:
https://factorial-production.auth.eu-central-1.amazoncognito.com/oauth2/authorize?identity_provider=**CompanyName**&redirect_uri=https://api.factorialhr.com/cognito/oauth&response_type=CODE&client_id=53avjrh4f9bre669tbhbeo03gn&scope=email%20openid%20profile%20aws.cognito.signin.user.admin
**Logout URL**:
https://factorial-production.auth.eu-central-1.amazoncognito.com/saml2/logout
**User Attributes & Claims**
givenname user.givenname
surname user.surname
name user.displayname
emailaddress user.userprincipalname
Unique User Identifier user.userprincipalname
8. Download the Federation Metadata XML from the third step and keep it in hand for the next steps
9. Go to Users and groups inside the Azure application
10. Click on Add user/group and Add selected users or groups.
These will be the users that will be able to log in via SAML SSO.
In Factorial
- On your sidebar, go to Settings
- In General, click on Company details
- Scroll down until you find Single Sign On (SSO)
- Click on Set-up SAML SSO
- Add your Company's domain: add only the domain, for example, with hello@factorialhr.com you would have to include only factorialhr.com. If your company has multiple domains, add them here as well.
- Click on Next step
- Enable Microsoft
- Drag and drop (or select on your computer) the downloaded Federation Metadata XML file
- Click on Save configuration
Here you can find the Company Name associated with the SAML configuration in Azure Portal.