Administrator- Set Zoom with ADFS

Active Directory Federation Services (ADFS) allows you to set up your account to log in with single sign-on (SSO). You can use SAML mapping to assign user licenses, groups, and roles based on ADFS settings. For more information on single sign-on, please click here .



    • Zoom’s Business or Education account with an approved vanity URL
    • ADFS server access
  • Zoom Administrator or Owner Access

Settings in Zoom

  1.  Https: // [SERVER] /FederationMetadata/2007-06/FederationMetadata.Xml in ADFS XML metadata search to the Download / Views
    * [SERVER]: ADFS server (
  2. On the Zoom Admin page, click Single Sign On to display the SAML tab.
  3. Enter the following information in the SAML tab options:
    • Sign SAML Request  ]: Check this option to sign a SAML request in ADFS.
    • Support Encrypted Assertions ]: Check this option to use encrypted assertions with ADFS.
    • Enforce automatic logout after the user has been logged in for ]: Check this if you want to log out automatically after the specified period of time.
      • Sign-in page URL ]: https: // [SERVER] /adfs/ls/idpinitiatedsignon.aspx?logintoRP=[Vanity]
      • Sign-out page URL ] :   https: // [SERVER] /adfs/ls/?wa=wsignout1.0
      • Identity provider certificate ] : Use the    first X509 certificate of X509 certificate
        * XML file from XML metadata in step 1 :
        <ds: Signature xmlns: ds = “ 09 / xmldsig # “>
        <KeyInfo xmlns =” ​​ “>
      • Service Provider (SP) Entity ID  ]: Select an option without https.
      • Issuer ]: http or https: // [SERVER] / adfs / services / trust (entityID of metadata)
      • Binding ]: HTTP-POST
      • Security

Settings in ADFS

  1. Log in to the ADFS server.
  2. Open the ADFS 2.0 MMC .
  3. Add Relying Party Trust .
    Select important data about Relying Party (RP) published online or on a local network.
    Federation metadata address: https: // YOURVANITY / saml / metadata / sp
See also  How to change settings in the PWA client in Zoom App

  1. Add a display name (“Zoom “) and exit the wizard with default settings.
  2. Modify the redirect and post SAML logout endpoint (right click on the newrelying party trust> Properties> Endpoints tab) URL as follows:
    https: // SERVER /adfs/ls/?wa=wsignout1.0
    Note: If you can not change the log out end-point[ Monitor Open the tab “ Automatically update relying party to cancel the check”,
    to apply the changes.
  3. 2 Add the two claim rules (request convention).
    itemconcents inputtedType
    Send LDAP Attributes as Claims
    ( Send LDAP Attributes as Claims )Name Zoom-Send to EmailMappingsE-Mail-Addresses> E-Mail AddressUser-Principal-Name> UPNGiven-Name> urn: oid:> urn: oid: Incoming Claim Transform
    (accepted request conversion)Name Zoom – Email To Name ID
    (name ID from the e-mail)Incoming claim type 
    (incoming request type)-Mail Address E
    (mail address)Outgoing claim type 
    (outgoing request type)ID Name
    (name ID)Outgoing name ID format 
    (outgoing name ID format)Email

When setting is over

Based on what you have configured, any user in Active Directory should be able to log in.

To test , select [ Login ] at

http: / / YOURVANITY .

Troubleshooting tips

Inability to login:

  • I can not log in using Google Chrome
  • I can not log in using Firefox
  • “Audit Failure” event of “Status: 0xc000035b” is displayed in the event viewer of the ADFS server


Extended protection needs to be turned off.

Chrome and Firefox do not support ADFS extended protection (IE supports it).

  1. Start IIS Manager .
  2. In the left panel, navigate to Sites > Default Web Site > ADFS > LS .
  3. Double-click the [ Authentication ] icon .
  4. Windows Authentication the] right-click and then.
  5. Select [ Advanced Settings ].
  6. Turn off [ Extended Protection ] .


Read it also –

How To Enable Tls 1 2 On Adfs Windows Server 2012 R2
How To Configure Zoom Sso With Adfs
Administrator Set Zoom Room In Microsoft Exchange 2010
Administrator Set Zoom App With Onelogin
How To Set Zoom As Default For Google Calendar
See also  How to Launch Zoom from a web browser

Frequently Asked Questions


Does zoom integrate with Active Directory?

With the AD Sync Tool, you are able to manage users between your Active Directory (AD) or LDAP Server and your Zoom account via a command line tool that can be installed on a Windows, Linux, or macOS system. As a result of this tool, when a change is made in your LDAP/AD system for any of the users in your Zoom account, Zoom will automatically manage them when the changes are made.

What is a Zoom administrator?

Zoom Rooms offer the owner the option of giving Zoom Rooms administration to all admins or to a few specific admins, depending on their need. Zoom Rooms admins with the ability to manage Zoom Rooms can use their Zoom login to select the specific Zoom Rooms (room picker) to be installed during installation, or they can log into the Zoom Room computer if the Zoom Room computer becomes unlogged until they login again.

How do I give administrator permission in Zoom?

In order to access the Zoom web portal, you will need to sign in as the account owner. Click on User Management in the navigation menu and then click Roles in the menu. Select the Add Role option from the menu. Then click on the Add Role button and provide the role with a name and description.

What is the difference between a Zoom owner and administrator?

In addition to having all privileges, the owner is also responsible for managing the roles. A user can be added, removed, or edited by an administrator. Manages advanced features such as APIs, single sign-on, and meeting connectors as well as manages advanced features. There are no administrative privileges available to members.

See also  Getting started with provisioning desk phones in Zoom App

How do I get rid of administrator Zoom?

Sign into the Zoom web portal as an account owner or administrator in order to access the Zoom web portal. Click User Management in the navigation menu and then click Users in the left-hand menu. In the first column, click on the check boxes next to the names of the users you wish to delete, and then click the delete button. On the top of the table, click on Delete to delete the item.


Related Articles

How To Configure Zoom With Azure
How To Configuring Zoom With G Suite Google Apps
How To Configure Zoom With Shibboleth
I Want To Start Zoom With Blackberry
How To Configure Zoom With Rsa Securid Access
How To Login Zoom With Google Account
How To Sign In To Zoom With Google Apple Or Facebook
Getting Started Zoom With Android