SSO Instructions for Clients using Google as Identity Provider

Follow the steps below to set up Google Single Sign-On (SSO) for Yomly using the Google Admin Console.

Procedure

1. Log in to Google Admin Console with a super administrator account.

2. Navigate to:
   Menu → Apps → Web and mobile apps

3. Click Add App → Add custom SAML app.

   • Enter the app name (e.g., Yomly).

   • Optionally, upload an app icon.

   • Click Continue.

4. On the Google Identity Provider details page:

   • Either download the IDP metadata file, or

   • Copy the SSO URL, Entity ID, and download the Certificate (or SHA-256 fingerprint if required).

   • Click Continue.

5. In the Service Provider Details window, enter the following values:

   • ACS URL:

     https://emirateshr.auth.eu-west-2.amazoncognito.com/saml2/idpresponse
     

   • Entity ID:

     urn:amazon:cognito:sp:eu-west-2_1w0yxoVbx
     

   • Start URL (Optional): Use this if you want to define a RelayState (a URL to redirect users to after authentication).

   • (Optional) Set Name ID format and Name ID value. The default Name ID is the user’s primary email.

   • Click Continue.
     
     

6. In the Attribute Mapping section:

   • Map Primary Email → email (App attribute)

   • Map Last Name → family_name

   • Map First Name → given_name

   • Click Finish.
     
     
     

    

7. Click Finish.

8. Download and Share the IDP metadata file with the Yomly Support Team.

   • The support team will update your business URL so that users can log in with Google SSO.
     
     

9. To enable access for all users:

   • Go to Menu → Apps → Web and mobile apps → Yomly.

   • Select User Access → Service Status.

   • Choose ON for everyone and click Save.