How to configure SAML SSO for your organization

Before you begin…

  • SAML SSO is only available for accounts on our Enterprise plan. 
  • Only account owners and admins can enable SSO. 

  • The Calendly email address of the person configuring SSO must be the same as that used for the organization’s IdP account.

  • If you want to stop configuring SSO, select Delete SAML SSO configuration at the top of the page.

  • If you use Okta, OneLogin, Ping Identity, Auth0, Azure, or Duo, use the linked IdP-specific documentation for setup instructions.

 

  1. From your Calendly Home page, select Account, Organization Settings, then Single Sign On.

  2. Enter in the information:

    • your identity provider's Entity ID and SAML HTTP Request URL

    • X.509 certificate for SAML authentication

  3. Select Save & continue.

  4. To test SAML SSO, enable it for your own account; select Copy Audience URL and paste it into the appropriate field in your identity provider.

  5. Select Continue.
    A new tab opens in your browser.

  6. Test the connection. If it’s:
    - unsuccessful, an error page appears
    - successful, the tab automatically closes and you'll be prompted with the next step

  7. To enforce SSO for the entire organization, select the toggle next to Enforce SAML SSO for my organization.

  8. To confirm enforcement, select Yes. All members in the organization, including the owner, will be logged out and can log back in using your organization’s SSO credentials.

See also:

How to sign in using single sign-on or SSO
How to disable SAML SSO for your organization

Was this article helpful?
0 out of 0 found this helpful