Set up SAML SSO for Azure AD

Last updated: March 17, 2026

Configure single sign-on to let your team access Fireflies securely through your Azure AD identity provider. This guide walks you through the complete SAML SSO setup process.

Before you begin

Setting up SSO involves configuring both your identity provider and Fireflies. Here's what you need to know before starting:

What you'll need

  • Admin access to both your identity provider (Azure AD/Okta/JumpCloud/OneLogin) and your Fireflies account

  • About 10-15 minutes to complete the full setup process

  • Two browser tabs - one for your identity provider, one for Fireflies

Important setup requirement

Critical step: Before you start the SSO configuration process, you must either:

  • Log out of your current Fireflies session, OR

  • Open the SSO setup link in an incognito/private browser window

This prevents session conflicts that can cause setup issues.

How the process works

  1. Configure your identity provider - Set up the basic SAML application and get the necessary URLs and certificates

  2. Configure Fireflies - Use the information from step 1 to set up SSO at app.fireflies.ai/auth/sso

  3. Complete the connection - Return to your identity provider with the final details from Fireflies

Ready to start?

Once you have admin access and have logged out of Fireflies (or opened an incognito window), you can begin the configuration process below.

Configure SAML SSO in Azure AD

  1. Sign in to the Azure portal

  2. Select Azure Active Directory in the navigation pane, then select Enterprise applications

    • The Enterprise applications – All applications page appears

  3. Select New application

    • The Add an application section appears

    Azure 1.webp

  1. Select Non-gallery application

    • The Add your own application section appears

    Azure 2.webp

  1. Enter a name for your application in the Name box, then select Add

    • The page of the added application appears

  2. Select Single sign-on in the application navigation pane

    • The Select a single sign-on method section appears

    Azure 3.webp

  1. Select SAML

    • The Set up Single Sign-On with SAML section appears

    Azure 4.webp

  1. Click the edit icon in the Basic SAML Configuration section

    • The Basic SAML Configuration window appears

    Azure 5.webp

  1. Enter the following details:

FieldValue

Identifier (Entity ID)

Enter fireflies.ai as the unique ID. This will be used in the saml.config file for the service provider name

Reply URL (Assertion Consumer Service URL)

Enter a temporary callback URL, e.g., https://app.fireflies.ai/sampletest

  1. Select Save

  2. Scroll down to Login URL and copy the URL

    • You'll need this URL for the Fireflies configuration

    Azure 6.webp

  1. Scroll to SAML Certificates and download the Certificate (Base64)

    • You'll need the downloaded .cer file for Fireflies

    Azure 7.webp

Verify Your Domain and Configure SSO in Fireflies

13. Initiate the SSO setup in Fireflies

  • Open a new browser tab and go to: https://app.fireflies.ai/auth/sso

  • Enter your admin email address and submit

  • Fireflies will send you an email with detailed setup instructions and a unique configuration link.

    image - 2026-02-16T154402.904.png

Important: Domain Verification Required

You must complete domain verification before proceeding. The SSO configuration link will only become available after your domain is verified.

14. Configure SSO in Fireflies

Once your domain is verified, click the unique SSO configuration link provided in the setup email from Fireflies.

The SSO configuration link is only accessible through the setup email and cannot be accessed directly. Ensure you are logged out of Fireflies or using an incognito window before clicking the link.

On the SSO configuration page, enter the following details:

  • Paste the Login URL from Azure into the IDP Sign-in URL field.

  • Upload the .cer certificate file downloaded from Azure to the Add X.509 Certificate field.

Click Configure SSO to complete the setup.

image - 2026-02-16T155221.683.png

15. Copy the Post-back URL from Fireflies

After clicking Configure SSO, Fireflies will provide:

  • A Post-back URL (ACS Consumer URL) — needed to update Azure’s Reply URL.

  • A unique Login URL for your users.

Save both URLs. The Post-back URL is required for the next step, and the Login URL is what your team will use for SSO sign-in.

image.png

Complete the Azure configuration

  1. Return to Azure and go to Basic SAML Configuration

    • Replace the sample Reply URL with the Post-back URL you copied from Fireflies

    Azure 10.webp

  1. Click Save – your SSO setup is now complete

  2. Assign users to the Fireflies application in Azure before they can sign in

    • Your users can now use the Login URL from app.fireflies.ai/auth/sso to sign up and log into Fireflies

📌Enforced SSO Redirect Behavior

When SSO is enforced on your domain:

Users will be automatically redirected to your organization's SSO login link when they attempt to log in via Google or Microsoft OAuth.

This happens after the OAuth authentication succeeds—at which point Fireflies checks if your domain has an enforced SSO configuration and triggers the redirect.

Avoid this behavior

If your users don't want automatic redirects, have them use your unique SSO login link instead of the generic Google or Microsoft login options.

Making sense of it all

  • The identifier must be exactly "fireflies.ai" for proper service provider configuration

  • You'll need to replace the temporary Reply URL with the actual Post-back URL from Fireflies

  • Users must be assigned in Azure before they can access Fireflies through SSO

  • The Login URL from Fireflies is what your team will use for secure sign-on

  • Both the Login URL and certificate from Azure are essential for successful configuration