How to set up SAML based SSO

As an enterprise user of Fireflies, you can configure Single Sign-On using the SAML (Security Assertion Markup language) authentication mechanism. This custom approach is designed to work seamlessly with any IDP (identity provider) of your choice.

Before you begin

Setting up SSO involves configuring both your identity provider and Fireflies. Here's what you need to know before starting:

What you'll need

• Admin access to both your identity provider (Azure AD/Okta/JumpCloud/OneLogin) and your Fireflies account

• About 10-15 minutes to complete the full setup process

• Two browser tabs - one for your identity provider, one for Fireflies

Important setup requirement

⚠ Critical step: Before you start the SSO configuration process, you must either:

• Log out of your current Fireflies session, OR

• Open the SSO setup link in an incognito/private browser window

This prevents session conflicts that can cause setup issues.

How the process works

1. Configure your identity provider - Set up the basic SAML application and get the necessary URLs and certificates

2. Configure Fireflies - Use the information from step 1 to set up SSO at app.fireflies.ai/auth/sso

3. Complete the connection - Return to your identity provider with the final details from Fireflies

Ready to start?

Once you have admin access and have logged out of Fireflies (or opened an incognito window), you can begin the configuration process below.

How to setup SAML based SSO

We offer SSO integration with various identity providers (IDPs). Choose your IDP from the list below to access detailed instructions:

• OneLogin

• Google or Microsoft

• Okta

• Jumpcloud

• Azure AD

In case your IDP is not listed above, follow these steps to set up SSO.

Get the X.509 certificate and Login URL from your IDP, which you need to enter in the unique link shared with you.

Once you've entered the above information, Fireflies generates:

• A postback URL that you will have to input in your IDP. The postback URL is sometimes called ACS Consumer URL by certain IDPs.

• A unique login URL that you can share with your teammates.

Your team must keep this URL handy to access the Fireflies notebook.

Note: SSO is a feature exclusive to the Enterprise plan.

📌 Enforced SSO Redirect Behavior

When SSO is enforced on your domain:

Users will be automatically redirected to your organization's SSO login link when they attempt to log in via Google or Microsoft OAuth.

This happens after the OAuth authentication succeeds—at which point Fireflies checks if your domain has an enforced SSO configuration and triggers the redirect.

Avoid this behavior

If your users don't want automatic redirects, have them use your unique SSO login link instead of the generic Google or Microsoft login options.