How to set up SAML SSO with Microsoft AD FS

Set up SAML SSO with Microsoft AD FS

1. In How to set up SAML SSO with your identity provider, complete Steps 1-3.
   • When you reach Step 3. Configure attributes in your IdP, one way to do this is by creating two Issuance Transform Rules. To create a rule, view Microsoft's Create a Rule to Transform an Incoming Claim, and check the screenshots below:
     
     
     Note: Many user has used rules to configure attributes, but you can use other methods too. 
2. Send an email to Calendly at idpsupport@calendly.com with this message:
   I request a metadata file to connect ADFS with SAML SSO.
   NOTE: You must complete Step 1. Configure Calendly before sending a message. This step creates the IdP record in Okta.
3. Once you receive the metadata file from Calendly
   1. Open Microsoft AD FS
   2. Locate Relying Party Trusts.
   3. Select Import data about the relying party from a file.
   4. Upload the metadata file. For more details, view the screenshot below and Microsoft's To create a claims aware Relying Party Trust using federation metadata.
      
4. Once you upload the metadata file
   1. Go to Calendly
   2. Navigate to Admin Center > Organization Settings > Single sign-on.
   3. Select Enable SSO for yourself, then select Test connection. If successful, you'll see a confirmation.
      
5. In Calendly, select Enforce SAML SSO for my organization > Apply.
   
   Once SSO is enforced, all users will be logged out. They must use SAML SSO to log into Calendly. Only the organization owner can log in using their fallback (original) login method by selecting Log in using another method on the login page.