[Administrator] How to Set Okta in Zoom App
Connecting Zoom with Okta allows you to log in to your account via SSO using your company’s Okta credentials. There are two ways to set Zoom in Okta.
- Automatically configure the Okta app for Zoom using the pre-built Zoom app of the Okta application network
- Set up a custom app in Okta for Zoom. Setting up a custom app lets you pass additional information to Zoom to use advanced SAML mappings .
Contents
Prerequisites
- Zoom owner or administrator
- authority
- Business or Education account with approved vanity URL
- Okta administrator authority
Set Okta with a pre-configured app
The pre-configured app sends an email address, first name, and last name as name ID.
If you need to send additional attributes from Okta to Zoom, you need to create a custom app.
- In Okta, go to Applications.
- Click [ Add Application ].
- Search Zoom SAML.
- Click [ Add ].
- The General Settings page is displayed.
-
- [ Application Name ]: Leave Zoom SAML or enter the desired name.
- [ Subdomain ]: Enter only the custom part of the vanity URL. For example, if the vanity URL is https://mydomain.zoom.us, enter only “mydomain”.
- [ Application visibility ]: Optional. Check the option if you want this app to be visible to the user.
- Click [ Done ].
- Click the Assignments tab.
- Click Assign and select whether you want to assign to an individual or a group.Click Assign to Groups if you want to assign to all users.
- Click Assign next to Everyone.
- Click [ Done ].
- Click [ Sign On ].
- Click View Setup Instructions.
- The procedure of how to set OOS in Zoom is displayed.
- Copy the following values from Okta to Zoom:・ Sign-in Page URL
・ Sign-out Page URL
・ Identity Provider Certificate
・ Issuer - For Service Provider (SP) Entity ID, select the option without https.
- Change [ Binding ] to HTTP-Redirect.
- In Zoom, select Save Changes.
- Now that you have configured it, you can sign in to Zoom with Okta.
To test,log out of your Zoom account and click Login at
https: // yourvanityurl.zoom.us.
Set Okta in a custom app
- In Okta, click Add Apps.
- Click Create New App .
- Select the following in the Create a New Application Integration window :
- [ Platform ]: Web
- [ Sign on method ]: SAML 2.0
- Click Create.
- The General Settings page is displayed.
- [ App Name ]: Name the app.
Use a name that identifies the Okta Zoom application.Example: Zoom - (Optional) [ App logo ]: Upload Zoom logo, if desired.
- (Optional) [ App visibility ]: Check these options if you want users of Okta to see the Zoom custom app.
- [ App Name ]: Name the app.
- Click [ Next ].
- The configuration page for SAML is displayed.
- Single Sign-on URL : https: // yourvanityurl .zoom.us / saml / SSO
- [ Use This For Recipient URL And Destination URL to] check you put.
- Leave [ Allow this app to request other SSO URLs ] unchecked.
- Audience URI (SP Entity ID) : https: // yourvanityurl .zoom.us
- [ Default RelayState ]: Leave blank .
- [ Name ID Format ]: [ EmailAddress and choose].
- [ Application username ]: Select [ Okta username ].
- Click Show Advanced Settings .
- [ Response ]: Select [ Signed ].
- [ Assertion Signature ]: Select [ Unsigned ].
- [ Signature Algorithm ]: Select [ RSA-SHA256 ].
- [ Digest Algorithm ]: Select [ SHA256 ].
- [ Assertion Encryption ]: Select one.
If you select [ encrypted ],
Zoom side needs to check the option of an encrypted assertion.If it is unknown, leave it as [ Unencrypted ]. - [ Enable Single Signout ]: Leave unchecked .
- [ Authentication context class ]: select [ PasswordProtectedTransport ].
- [ Honor Force Authentication ]: Select [ Yes ].
- [ SAML Issuer ID ]: blank leave.
- [ Attribute Statements ]:nameName formatvaluee-mailunspecifiedUser.emailfirstNameunspecifiedUser.firstNamelastNameunspecifieduser.lastName
- Add other attributes you want to pass, such as department, title, etc.
- [ Group Attribute Statements ]: Leave blank.
- [ Preview The SAML Assertion ]: You can click to preview the SAML assertion.
- Click [ Next ].
- The Okta feedback page is displayed.
Enter any feedback, then click Next. - Click View Setup Instructions.
- The Okta setup details are displayed.
- Log in to the Zoom SSO page on another tab.
- [ Configure SSO Manually and select].
- Copy Okta’s Identity Provider Single Sign-On URL and paste it into Zoom’s Sign-in page URL field.
- Leave Zoom’s [ Sign Out Page URL ] blank.
- Copy the Okta Identity Provider Issuer and paste it into the Zoom Issuer (IDP Entity ID) field.
- At Okta, copy the X. 509 certificates between BEGIN CERTIFICATE and END CERTIFICATE (not included). Zoom This [ Identity Provider CertificatePaste field.
- In Zoom [ Service Provider (SP) Entity ID ], select https: // yourvanityurl .zoom.us.
- In [ Binding ], select HTTP-Redirect.
- For security, leave everything deselected unless you chose to send encrypted assertions on the Okta side.
- In Zoom, select Save Changes.
- In Okta, click the Assignments tab.
- Click Assign and select whether you want to assign to an individual or a group.
Click Assign to Groups if you want to assign to all users. - Click Assign next to Everyone.
- Click [ Done ].
- Now that you have configured it, you can sign in to Zoom with Okta.
To test,log out of your Zoom account and click login at
https://yourvanityurl.zoom.us.
Read it also –
Okta User Management With Zoom |
Frequently Asked Questions
How do I enable SSO for Zoom?
It is important to understand what needs to be done in order for the automatic rotation of SSO certificates to be enabled or disabled
-
Zoom’s web portal can be accessed by signing in.
-
The single sign-on option can be found in the Advanced section of the navigation menu.
-
Click the Edit button located at the top-right corner of the page.
-
The checkbox Automatically manage the certificate under Service Provider (SP) Entity IDs can be checked or unchecked.
How do I enable SSO for Zoom?
It is necessary for you to take the following steps in order to enable or disable the automatic rotation of certificates associated with SSO
-
Zoom’s web portal can be accessed by signing in.
-
The single sign-on option can be found in the Advanced section of the navigation menu.
-
In the top-right corner of the screen, you will find an Edit button, which can be clicked on to make changes.
-
The Service Provider Entity ID (SP) section allows you to check or uncheck Automatically manage the certificate for the Service Provider (SP).
Where is SSO in Zoom?
There is a web portal available for Zoom users
You can access your Zoom vanity URL by going to the following address: https://company.zoom.us. Once there, click on the Sign in button. Clicking on that link will take you to a website where you will be able to enter your single sign-on credentials in order to access your account.
Does Zoom use Okta?
As a result of single sign-on, you can select the Zoom account that you wish to log in to using the credentials of your company. In order to enable users to directly connect their Zoom accounts to their Okta identity providers (idPs), the identity providers (idPs), there must be a connection established between OKta and Zoom, the service providers (SPs).
How do I login as a host in Zoom?
For claiming host control and logging in, follow these steps:
-
You can find the meeting controls by tapping the More button. …
-
Follow the instructions on how to sign in as a host by clicking on Sign In as Host.
-
If you don’t have an account with Zoom, please make sure that you log in.
-
Whenever you tap the Participants icon in the bottom left corner, you will notice that you have been added to the list of participants as the host.
Related Articles