How to set up SCIM with your identity provider

Calendly supports any enterprise identity provider (IdP) using the SCIM 2.0 protocol.

Calendly has tested and documented SCIM setup instructions for the following identity providers: Okta, OneLogin, and Microsoft Azure. If you use a different identity provider, follow the steps in this article. Since steps may vary by identity provider, you may want to consult documentation from your identity provider for more details.

Before you begin…

• You must set up SAML before you set up SCIM. 

• For easier setup, use separate browser windows: one for Calendly and one for your IdP.

You’ll need…

• SCIM base URL

• Bearer/API token

1. In your identity provider, create a custom Calendly application or, if you’ve already set up SSO, use the existing Calendly app. Consult your identity provider’s documentation for more details.

2. In Calendly, go to Account, Organization Settings, then Single sign-on.

3. Under Optional: Connect SCIM, toggle on SCIM provisioning.

4. Select copy base URL and paste it into the appropriate field in your identity provider. Consult your identity provider’s documentation for more details.

5. In Calendly, select the appropriate value for When do you want this token to expire? Then select Generate new bearer token, Copy token, and paste it into the appropriate field for your identity provider.

6. In Calendly, select Test Connection. Select Save. Note: if the connection fails, try paste in the Base URL and Copy token again. 

7. In your identity provider, map the SCIM API attributes to Calendly. See table below for attributes. Note: you should only configure attributes listed in the table. Passing attributes other than the ones listed will result in an error.

8. In your identity provider, enable provisioning. Consult your identity provider’s documentation for more details on enabling provisioning and assigning users to an app.

Reach out to Developer Support if you need assistance with setup.