1. Help Center
  2. Administration
  3. SAML SSO

SAML single sign-on (SSO) overview

Note

If you are on our Teams plan and would like to add single sign-on (SSO) features to your Calendly account, you can do so from your billing page. The SSO add-on costs $3 per user, per month. 

Single sign-on (SSO) offers a simple and secure way for your team to log in to Calendly using their corporate credentials. With SSO enabled, you can reduce password risks, increase security, and streamline access management across your organization.

Calendly supports Security Assertion Markup Language (SAML 2.0) and works with any identity provider (IdP) that supports this protocol.

What Calendly SSO supports

Supported features

  • Service Provider Initiated SSO (SP-initiated): Users visit calendly.com and authenticate through your IdP.
  • Identity Provider Initiated SSO (IdP-initiated): Users log in through your IdP and select Calendly from their app dashboard.

Not supported

  • Just-in-Time (JIT) provisioning isn't supported. To automate user management, you can use SCIM.

Supported identity providers 

Calendly supports any identity provider that uses SAML 2.0. We’ve tested and documented steps for:

For other identity providers, follow the steps in this article.

Before you begin

  • Typically, an IT admin is the best person to set up SSO. You'll need to be on the Enterprise plan and be a Calendly owner or admin.
  • Enabling SSO doesn’t affect calendar or integration connections. Users can still manage these in their own accounts.
  • By default, sessions expire after 21 days of inactivity. You can shorten this in your Calendly settings.
  • Multi-factor authentication (MFA) can be set up in your IdP.
  • If your company has more than one Calendly account, set up SSO separately for each one.
  • If your account includes users who aren’t in your IdP, we recommend not enabling SSO, as those users won’t be able to sign in with SSO credentials.

What happens when SSO is enabled

When you enable SSO, all users will be signed out of Calendly on web and mobile. They'll need to log in using SSO moving forward.

Admins and owners can still select Log in using another method on the login screen. This option lets you use your original login method, which is helpful if you need to disable SSO or troubleshoot identity provider issues.

Notify your team

We recommend sending an email to your team before enabling SSO. Feel free to use the template below. If you'd like to include steps for logging in via calendly.com (instead of signing in from your IdP), you can also link to this article.

Subject: [ Action Required ] Log back in to Calendly

Hi,

This is to let you know that [ Your Organization Name ] is changing to the way we access Calendly. Going forward you’ll be able to log in to Calendly using your [ IdP ] credentials.

We made this change so you can access Calendly and other applications using the same username and password (this way you don’t have to remember multiple passwords). If you're unable to log in using your [IdP] username and password, please let your network administrator know.

Thank you,
[ Signature ]

Managing members

Add new users:

  • Add them in your identity provider and in Calendly.
  • Users must accept their invite before logging in with SSO.

Remove users (if SCIM is not enabled):

  • Remove them from your IdP and Calendly.
  • Removed users will revert to a free Calendly account.
  • They'll sign in using their original method (e.g., Google OAuth).
  • To automate this process, enable SCIM.

Change a member’s email:

  • Update their email in your identity provider.
  • Then contact Calendly Support with the new email address so we can update it on our side.
Was this article helpful?
5 out of 6 found this helpful