Admin accounts on self-hosted Cal.com instances must meet specific security requirements. If these requirements are not met, the admin’s privileges are temporarily restricted until they update their credentials.Documentation Index
Fetch the complete documentation index at: https://cal.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
Requirements
To retain full admin access, your account must satisfy both of the following:- Password length — at least 15 characters (must also include uppercase, lowercase, and a number)
- Two-factor authentication (2FA) — enabled on the account
INACTIVE_ADMIN at login. You can still access the application, but admin-level actions are unavailable until you resolve the issue.
What happens when requirements are not met
When you log in as an admin without meeting the security criteria, Cal.com:- Sets your session role to
INACTIVE_ADMIN - Displays a persistent warning banner at the top of every page explaining what needs to be fixed
- Links you directly to the relevant settings page
| Missing requirement | Banner action |
|---|---|
| Password and 2FA | Directs you to change your password |
| Password only | Directs you to change your password |
| 2FA only | Directs you to enable two-factor authentication |
After you update your password or enable 2FA, you are signed out automatically so the system can re-evaluate your credentials on the next login.
How to resolve
Update your password (if needed)
Go to Settings > Security > Password and set a new password that is at least 15 characters long and includes uppercase letters, lowercase letters, and a number.
Enable two-factor authentication (if needed)
Go to Settings > Security > Two-factor authentication and follow the prompts to enable 2FA on your account.
This enforcement only applies to admin accounts that use Cal.com credential-based authentication. Admins who sign in through an external identity provider (such as SAML or OIDC) are not affected.