With SSO (single sign on)
You can log in to Zoom using your company credentials.
Zoom Single Sign-On (SSO) is based on SAML 2.0.
Zoom acts as a service provider (SP) and offers automatic user provisioning.
It is not necessary to register as a user with Zoom, but when a SAML response is received from an identity provider (IdP), it checks if the user exists.
If the user does not exist
Zoom automatically creates a user account using the received name ID.
Available with the following service providers
- G Suite / Google Apps
In addition, ADFS 2.0 will be available with the implementation using SAML.
Necessary requirements before setting
- Business or Education account
- Vanity URL it is approved
Note : If you do not have an approved vanity URL
vanity URL (example: Https: // Yourcompany .Zoom.Us) the account profile , please apply at the page. Only after this application is approved, you can configure SSO on the Zoom side.
SSO setting method
- After setting up your IdP, please send the following to Zoom
- A unique distinguished name linked to a nameID such as edupersonTargetedID , persistentID , or email
- (Optional) Available attributes are Mail (urn: oid: 0.9. 2342. 9200300. 100.1.3), sn (urn: oid: 2.5. 4.4), and givenName (urn: oid: 2.5. 4. 42).
- Next, enter SSO information at https://zoom.us/account/sso.
Please refer to the attached example from idP xml metadata.
- Sign In Page URL: <SingleSignOnService>
- Signout Page URL: <SingleLogoutService>
- Certificate: <X509Certificate> * Note : Delete ” Begin Certificate and End Certificate “.
- Publisher: <ID of EntityDescriptor>
- Combine: select HTTP-POST or HTTP-REDIRECT
- Default User Type: Basic or Pro
- Finally, after configuration, you can get SP metadata XML file from the following.
https: // yourcompany.zoom.us / saml / metadata / sp
Confirmation items after setting
- To start SSO,
SSO users need to use a browser to access https: // yourcompany .zoom.us and
- When logging in from the desktop or mobile client, you
need to enter the domain name of the vanity URL in SSO login.