Configure single sign-on to let your team access Fireflies securely through your Azure AD identity provider. This guide walks you through the complete SAML SSO setup process.
Before you begin
Setting up SSO involves configuring both your identity provider and Fireflies. Here's what you need to know before starting:
What you'll need
Admin access to both your identity provider (Azure AD/Okta/JumpCloud/OneLogin) and your Fireflies account
About 10-15 minutes to complete the full setup process
Two browser tabs - one for your identity provider, one for Fireflies
Important setup requirement
⚠ Critical step: Before you start the SSO configuration process, you must either:
Log out of your current Fireflies session, OR
Open the SSO setup link in an incognito/private browser window
This prevents session conflicts that can cause setup issues.
How the process works
Configure your identity provider - Set up the basic SAML application and get the necessary URLs and certificates
Configure Fireflies - Use the information from step 1 to set up SSO at app.fireflies.ai/auth/sso
Complete the connection - Return to your identity provider with the final details from Fireflies
Ready to start?
Once you have admin access and have logged out of Fireflies (or opened an incognito window), you can begin the configuration process below.
Configure SAML SSO in Azure AD
Sign in to the Azure portal
Select Azure Active Directory in the navigation pane, then select Enterprise applications
The Enterprise applications – All applications page appears
Select New application
The Add an application section appears
Select Non-gallery application
The Add your own application section appears
Enter a name for your application in the Name box, then select Add
The page of the added application appears
Select Single sign-on in the application navigation pane
The Select a single sign-on method section appears
Select SAML
The Set up Single Sign-On with SAML section appears
Click the edit icon in the Basic SAML Configuration section
The Basic SAML Configuration window appears
Enter the following details:
FieldValue | |
Identifier (Entity ID) | Enter fireflies.ai as the unique ID. This will be used in the saml.config file for the service provider name |
Reply URL (Assertion Consumer Service URL) | Enter a temporary callback URL, e.g., https://app.fireflies.ai/sampletest |
Select Save
Scroll down to Login URL and copy the URL
You'll need this URL for the Fireflies configuration
Scroll to SAML Certificates and download the Certificate (Base64)
You'll need the downloaded .cer file for Fireflies
Verify Your Domain and Configure SSO in Fireflies
13. Initiate the SSO setup in Fireflies
Open a new browser tab and go to: https://app.fireflies.ai/auth/sso
Enter your admin email address and submit
Fireflies will send you an email with detailed setup instructions and a unique configuration link.
⚠ Important: Domain Verification Required
You must complete domain verification before proceeding. The SSO configuration link will only become available after your domain is verified.
14. Configure SSO in Fireflies
Once your domain is verified, click the unique SSO configuration link provided in the setup email from Fireflies.
The SSO configuration link is only accessible through the setup email and cannot be accessed directly. Ensure you are logged out of Fireflies or using an incognito window before clicking the link.
On the SSO configuration page, enter the following details:
Paste the Login URL from Azure into the IDP Sign-in URL field.
Upload the .cer certificate file downloaded from Azure to the Add X.509 Certificate field.
Click Configure SSO to complete the setup.
15. Copy the Post-back URL from Fireflies
After clicking Configure SSO, Fireflies will provide:
A Post-back URL (ACS Consumer URL) — needed to update Azure’s Reply URL.
A unique Login URL for your users.
Save both URLs. The Post-back URL is required for the next step, and the Login URL is what your team will use for SSO sign-in.
Complete the Azure configuration
Return to Azure and go to Basic SAML Configuration
Replace the sample Reply URL with the Post-back URL you copied from Fireflies
Click Save – your SSO setup is now complete
Assign users to the Fireflies application in Azure before they can sign in
Your users can now use the Login URL from app.fireflies.ai/auth/sso to sign up and log into Fireflies
📌Enforced SSO Redirect Behavior
When SSO is enforced on your domain:
Users will be automatically redirected to your organization's SSO login link when they attempt to log in via Google or Microsoft OAuth.
This happens after the OAuth authentication succeeds—at which point Fireflies checks if your domain has an enforced SSO configuration and triggers the redirect.
Avoid this behavior
If your users don't want automatic redirects, have them use your unique SSO login link instead of the generic Google or Microsoft login options.
Making sense of it all
The identifier must be exactly "fireflies.ai" for proper service provider configuration
You'll need to replace the temporary Reply URL with the actual Post-back URL from Fireflies
Users must be assigned in Azure before they can access Fireflies through SSO
The Login URL from Fireflies is what your team will use for secure sign-on
Both the Login URL and certificate from Azure are essential for successful configuration