diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js
--- a/keyserver/src/responders/user-responders.js
+++ b/keyserver/src/responders/user-responders.js
@@ -314,7 +314,7 @@
 const siweAuthRequestInputValidator = tShape({
   signature: t.String,
   message: t.String,
-  calendarQuery: t.maybe(entryQueryInputValidator),
+  calendarQuery: entryQueryInputValidator,
   deviceTokenUpdateRequest: t.maybe(deviceTokenUpdateRequestInputValidator),
   platformDetails: tPlatformDetails,
   watchedIDs: t.list(t.String),
@@ -333,13 +333,16 @@
     platformDetails,
   } = request;
 
-  // 1. Ensure that `message` is a well formed Comm SIWE Auth message.
+  // 1. Normalize `SIWEAuthRequest.calendarQuery`.
+  const calendarQuery = normalizeCalendarQuery(request.calendarQuery);
+
+  // 2. Ensure that `message` is a well formed Comm SIWE Auth message.
   const siweMessage: SIWEMessage = new SiweMessage(message);
   if (!isValidSIWEMessage(siweMessage)) {
     throw new ServerError('invalid_parameters');
   }
 
-  // 2. Ensure that the `nonce` exists in the `siwe_nonces` table
+  // 3. Ensure that the `nonce` exists in the `siwe_nonces` table
   //    AND hasn't expired. If those conditions are met, delete the entry to
   //    ensure that the same `nonce` can't be re-used in a future request.
   const wasNonceCheckedAndInvalidated = await checkAndInvalidateSIWENonceEntry(
@@ -349,7 +352,7 @@
     throw new ServerError('invalid_parameters');
   }
 
-  // 3. Validate SIWEMessage signature and handle possible errors.
+  // 4. Validate SIWEMessage signature and handle possible errors.
   try {
     await siweMessage.validate(signature);
   } catch (error) {
@@ -367,7 +370,7 @@
     }
   }
 
-  // 4. Create account with call to `processSIWEAccountCreation(...)`
+  // 5. Create account with call to `processSIWEAccountCreation(...)`
   //    if address does not correspond to an existing user.
   let userID = await fetchUserIDForEthereumAddress(siweMessage.address);
   if (!userID) {
@@ -382,8 +385,8 @@
     );
   }
 
-  // 5. Complete login with call to `processSuccessfulLogin(...)`.
-  return await processSuccessfulLogin(viewer, input, userID);
+  // 6. Complete login with call to `processSuccessfulLogin(...)`.
+  return await processSuccessfulLogin(viewer, input, userID, calendarQuery);
 }
 
 const updatePasswordRequestInputValidator = tShape({