[Administrator] How to Set Okta in Zoom App

Connecting Zoom with Okta allows you to log in to your account via SSO using your company’s Okta credentials. There are two ways to set up Zoom in Okta:

  • Automatically configure the Okta app for Zoom using the pre-built Zoom app in the Okta application network.
  • Set up a custom app in Okta for Zoom. Setting up a custom app lets you pass additional information to Zoom to use advanced SAML mappings.

Prerequisites

  • authority

with approved vanity URL

  • Okta administrator authority

Set Okta with a pre-configured app

The pre-configured app sends an email address, first name, and last name as name ID.

If you need to send additional attributes from Okta to Zoom, you need to create a custom app.

  1. In Okta, go to Applications.
  2. Click [ Add Application ].
  3. Search for Zoom SAML.
  4. Click [ Add ].
  5. The General Settings page is displayed.
    • [ Application Name ]: Leave Zoom SAML or enter the desired name.
    • [ Subdomain ]: Enter only the custom part of the vanity URL. For example, if the vanity URL is https://mydomain.zoom.us, enter only “mydomain”.
    • [ Application visibility ]: Optional. Check the option if you want this app to be visible to the user.
  6. Click [ Done ].
  7. Click the Assignments tab.
  8. Click Assign and select whether you want to assign to an individual or a group.

    Click Assign to Groups if you want to assign to all users.

  9. Click Assign next to Everyone.
  10. Click [ Done ].
  11. Click [ Sign On ].
  12. Click View Setup Instructions.
  13. The instructions for setting up SSO in Zoom are displayed.
  14. Copy the following values from Okta to Zoom:
    • Sign-in Page URL
    • Sign-out Page URL
    • Identity Provider Certificate
    • Issuer
  15. For Service Provider (SP) Entity ID, select the option without https.
  16. Change [ Binding ] to HTTP-Redirect.
  17. In Zoom, select Save Changes.
  18. Now that you have configured it, you can sign in to Zoom with Okta.
    To test, log out of your Zoom account and click Login at https://yourvanityurl.zoom.us.

Set Okta in a custom app

  1. In Okta, click Add Apps.
  2. Click Create New App.
  3. In the Create a New Application Integration window, select the following:
    • [ Platform ]: Web
    • [ Sign on method ]: SAML 2.0
  4. Click Create.
  5. The General Settings page is displayed.
  6. Click [ Next ].
  7. The configuration page for SAML is displayed.
    • [ Single Sign-on URL ]: https://yourvanityurl.zoom.us/saml/SSO
    • Check [ Use this for Recipient URL and Destination URL ].
    • Leave [ Allow this app to request other SSO URLs ] unchecked.
    • [ Audience URI (SP Entity ID) ]: https://yourvanityurl.zoom.us
    • [ Default RelayState ]: Leave blank.
    • [ Name ID Format ]: Select [ EmailAddress ].
    • [ Application username ]: Select [ Okta username ].
    • Click Show Advanced Settings.
    • [ Response ]: Select [ Signed ].
    • [ Assertion Signature ]: Select [ Unsigned ].
    • [ Signature Algorithm ]: Select [ RSA-SHA256 ].
    • [ Digest Algorithm ]: Select [ SHA256 ].
    • [ Assertion Encryption ]: Select one.
      If you select [ Encrypted ], the encrypted assertion option must also be checked on the Zoom side.
      If you are unsure, leave it as [ Unencrypted ].
    • [ Enable Single Signout ]: Leave unchecked.
    • [ Authentication context class ]: Select [ PasswordProtectedTransport ].
    • [ Honor Force Authentication ]: Select [ Yes ].
    • [ SAML Issuer ID ]: Leave blank.
    • [ Attribute Statements ]:

      Name        Name format    Value
      e-mail      unspecified    user.email
      firstName   unspecified    user.firstName
      lastName    unspecified    user.lastName

      Add other attributes you want to pass, such as department, title, etc.
    • [ Group Attribute Statements ]: Leave blank.
    • [ Preview the SAML Assertion ]: You can click to preview the SAML assertion.
  8. Click [ Next ].
  9. The Okta feedback page is displayed.
    Enter any feedback, then click Next.
  10. Click View Setup Instructions.
  11. The Okta setup details are displayed.
  12. Log in to the Zoom SSO page in another tab.
  13. Select [ Configure SSO Manually ].
  14. Copy Okta’s Identity Provider Single Sign-On URL and paste it into Zoom’s Sign-in page URL field.
  15. Leave Zoom’s [ Sign Out Page URL ] blank.
  16. Copy the Okta Identity Provider Issuer and paste it into the Zoom Issuer (IDP Entity ID) field.
  17. In Okta, copy the X.509 certificate between BEGIN CERTIFICATE and END CERTIFICATE (not including those two lines) and paste it into Zoom’s [ Identity Provider Certificate ] field.
  18. In Zoom [ Service Provider (SP) Entity ID ], select https://yourvanityurl.zoom.us.
  19. In [ Binding ], select HTTP-Redirect.
  20. For security, leave everything deselected unless you chose to send encrypted assertions on the Okta side.
  21. In Zoom, select Save Changes.
  22. In Okta, click the Assignments tab.
  23. Click Assign and select whether you want to assign to an individual or a group.
    Click Assign to Groups if you want to assign to all users.
  24. Click Assign next to Everyone.
  25. Click [ Done ].
  26. Now that you have configured it, you can sign in to Zoom with Okta.
    To test, log out of your Zoom account and click Login at https://yourvanityurl.zoom.us.
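
The SAML settings chosen for the custom app can be checked against a decoded test response before rollout. The following is an added example, not code from Zoom or Okta: the audit() function and the sample response are constructed for illustration, and the script compares the configured fields only; it does not verify the XML signature.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
VANITY = "https://yourvanityurl.zoom.us"  # placeholder host used on this page
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
PPT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"

# Constructed sample response (signature values omitted), not from a real tenant.
SAMPLE = f"""<p:Response xmlns:p="{NS['p']}" xmlns:a="{NS['a']}" xmlns:ds="{NS['ds']}"
    Destination="{VANITY}/saml/SSO">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="{RSA_SHA256}"/>
    <ds:Reference><ds:DigestMethod Algorithm="{SHA256}"/></ds:Reference>
  </ds:SignedInfo></ds:Signature>
  <a:Assertion>
    <a:Subject><a:NameID Format="{EMAIL}">user@example.com</a:NameID></a:Subject>
    <a:Conditions><a:AudienceRestriction><a:Audience>{VANITY}</a:Audience></a:AudienceRestriction></a:Conditions>
    <a:AuthnStatement><a:AuthnContext><a:AuthnContextClassRef>{PPT}</a:AuthnContextClassRef></a:AuthnContext></a:AuthnStatement>
  </a:Assertion>
</p:Response>"""


def audit(xml_text, vanity=VANITY):
    """Return deviations from the custom-app settings; does NOT verify the signature."""
    root = ET.fromstring(xml_text)  # meant for an admin's own test capture
    issues = []

    def expect(label, got, want):
        if got != want:
            issues.append(f"{label}: expected {want!r}, got {got!r}")

    def attr(path, name):
        node = root.find(path, NS)
        return None if node is None else node.get(name)

    expect("Destination", root.get("Destination"), f"{vanity}/saml/SSO")
    expect("Audience", root.findtext(".//a:Audience", namespaces=NS), vanity)
    expect("NameID Format", attr(".//a:NameID", "Format"), EMAIL)
    expect("Response signed", root.find("ds:Signature", NS) is not None, True)
    expect("Assertion signed", root.find("a:Assertion/ds:Signature", NS) is not None, False)
    expect("Signature algorithm", attr("ds:Signature//ds:SignatureMethod", "Algorithm"), RSA_SHA256)
    expect("Digest algorithm", attr("ds:Signature//ds:DigestMethod", "Algorithm"), SHA256)
    expect("AuthnContextClassRef", root.findtext(".//a:AuthnContextClassRef", namespaces=NS), PPT)
    return issues
```

An empty list from audit() means the response matches the settings above; each returned string names one field that differs.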

 
