Calendly - SSO configuration

Calendly - SSO configuration

Idea
This documentation has been tested and approved by Kelvin Zero's team
Quote
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Calendly using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization.
Warning
To set up Multi-Pass with Calendly, ensure you meet the following requirements:
- Calendly admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Calendly are registered in your IdP and have the necessary permissions to access Calendly.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.



Calendly - SSO configuration




Step 1 - Configure Calendly as the Service Provider (SP)

  1. Log into Calendly as an Administrator
  2. Browse to Admin center
  3. Click on Login and then select Single sign-on
  4. In Step 1, populate the information based on the table below
FieldValue
Entity IDhttps://ca.auth.kzero.com/realms/<TENANT_NAME>
Identity provider’s SAML HTTP Request URLhttps://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml
x.509 certificate for SAML authenticationInstructions in Step 2 of this guide

Step 2 - Configure Multi-Pass as the Identity Provider (IdP)

  1. Open Multi-Pass Dashboard

  1. Select the correct tenant and go to Integrations, click on Applications
  2. Select in the custom integration section SAML

  1. Return to Multi-Pass and complete the SAML setup with the below information
FieldValue
Client ID (=SP Entity ID)https://calendly.com/sso/saml/metadata/<CALENDLY_ID>
Namecalendly
DescriptionCalendly SSO integration
Assertion Consumer Service URLhttps://calendly.com/sso/saml/acs/<CALENDLY_ID>
NameID Policy Formatemail
  1. Under Tenant certificate select Download and save the .pem file

    1. Return to Calendly and upload the .pem file in x.509 certificate for SAML authentication
    2. Select Save and Continue in Calendly
  1. Click add integration
  2. Click Advanced Console
  3. Click Clients and search for Calendly
  4. Please verify that fields are well completed : 
General settings
FieldValue
Client IDhttps://calendly.com/sso/saml/metadata/<CALENDLY_ID>
Namecalendly
DescriptionCalendly SSO integration
Always display in UION

Access settings
FieldValue
Home URL (IdP-initiated)https://ca.auth.kzero.com/<TENANT_NAME>/protocol/saml/clients/<APP_NAME>
Valid Redirect URIs (ACS)https://calendly.com/sso/saml/acs/<CALENDLY_ID>
IDP-Initiated SSO URL Name<APP_NAME>

SAML Capabilities
SettingValue
Name ID Formatemail
Force Name ID FormatON
Force POST BindingON
Include AuthnStatementON

Signature & Encryption
SettingValue
Sign DocumentsOFF
Sign AssertionsON
  1. Now that you have checked the different parameters, change to the tab called Keys.
    1. Make sure that both parameters are switched to OFF.
  2. Now go to the Advanced tab.
    1. The field Assertion Consumer Service POST Binding URL must equal the Valid Redirect URIs (ACS).

Step 3 - Testing Multi-Pass to Calendly

  1. In Calendly turn on Enable SSO for yourself
  2. Select Test Connection
  3. If the test works, you’ll see a success banner.
  4. If it fails, check that:
    1. The user’s IdP email matches their Calendly email.
    2. The attributes in your IdP are mapped correctly.

    • Related Articles

    • SAML SSO Integration Guide

      This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...

    • Rocket.chat - SSO configuration

      This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Rocket.chat using MPAS. SSO simplifies user authentication by allowing access to multiple ...

    • D2L Brightspace - SSO Integration

      This application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a step-by-step guide to ...

    • Wrike - SSO configuration

      This documentation has been tested and approved by Kelvin Zero's team This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Wrike using MPAS. SSO simplifies user authentication by allowing access to multiple ...

    • Grammarly - SSO configuration

      Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...