How to set up SAML SSO with Microsoft AD FS

Note

If you are on our Teams plan and would like to add single sign-on (SSO) features to your Calendly account, you can do so from your billing page. The SSO add-on costs $3 per user, per month. 

Before you begin

  • Only account owners and admins can enable SSO. 

How to set up SAML SSO with Microsoft AD FS

  1. In How to set up SAML SSO with your identity provider, complete Steps 1-3.
  2. Send an email to Calendly at idpsupport@calendly.com with the following message:
    I request a metadata file to connect ADFS with SAML SSO. 
    NOTE: You must complete Step 1. Configure Calendly before sending a message, since Step 1 creates an IdP record in Okta.
  3. Once you receive the metadata file from Calendly, go to Microsoft AD FS, locate Relying Party Trusts, select Import data about the relying party from a file, and upload the metadata file. For more details, view the screenshot below and Microsoft's To create a claims aware Relying Party Trust using federation metadata.
    ADFS_-_import_data_metadata_file.png
  4. Once you upload the metadata file, go to Calendly, navigate to Admin Center, Organization Settings, then Single sign-on.
  5. Select Enable SSO for yourself, select Test connection. If successful, you'll see a confirmation.

    Screenshot 2023-10-11 at 10.13.52 AM.png

  6. In Calendly, select Enforce SAML SSO for my organization, then Apply.

    Screenshot 2023-10-11 at 10.14.09 AM.png

    Once SSO is enforced, all users will be logged out and need to use SAML SSO to log into Calendly. Only the organization owner can log in using their fallback (original) login method by selecting Log in using another method on the login page.