Administrator: SSO (single sign-on) settings for the Zoom App

This post was most recently updated on September 20th, 2022

With SSO (single sign-on), you can log in to Zoom using your company credentials.

Zoom Single Sign-On (SSO) is based on SAML 2.0.

Zoom acts as a service provider (SP) and offers automatic user provisioning.

You do not need to register users with Zoom in advance. When a SAML response is received from an identity provider (IdP), Zoom checks whether the user exists. If the user does not exist, Zoom automatically creates a user account using the received name ID.

SSO is available with the following identity providers

  • PingOne
  • Okta
  • Azure
  • Centrify
  • Shibboleth
  • Gluu
  • G Suite / Google Apps
  • OneLogin

In addition, ADFS 2.0 will be available with the implementation using SAML.

Requirements before configuration

  • Business or Education account
  • An approved vanity URL
    Note: If you do not have an approved vanity URL (example: https://yourcompany.zoom.us), please apply for one on the account profile page. You can configure SSO on the Zoom side only after this application is approved.

SSO setting method

  1. After setting up your IdP, send the following to Zoom:
       • A unique distinguished name linked to a nameID, such as eduPersonTargetedID, persistentID, or email
       • (Optional) Available attributes are mail (urn:oid:0.9.2342.19200300.100.1.3), sn (urn:oid:2.5.4.4), and givenName (urn:oid:2.5.4.42).
  2. Next, enter the SSO information at https://zoom.us/account/sso. Refer to the attached example from the IdP XML metadata.
       • Sign In Page URL: <SingleSignOnService>
       • Signout Page URL: <SingleLogoutService>
       • Certificate: <X509Certificate> (Note: Delete the "BEGIN CERTIFICATE" and "END CERTIFICATE" lines.)
       • Issuer: <entityID of EntityDescriptor>
       • Binding: select HTTP-POST or HTTP-REDIRECT
       • Default User Type: Basic or Pro
  3. Finally, after configuration, you can get the SP metadata XML file from the following URL:
     https://yourcompany.zoom.us/saml/metadata/sp
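
As an added example (not part of the original post and not Zoom's own tooling), the following Python code pulls the values the SSO form asks for out of IdP metadata XML and strips the BEGIN/END CERTIFICATE lines. The function names, the idp.example.com URLs and the placeholder certificate bytes are assumptions for illustration; the https check and the SHA-256 fingerprint are added so the values can be compared with the IdP console before they are pasted.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:"
# Constructed sample: hypothetical IdP at idp.example.com; FAKE_DER is placeholder bytes, not a real cert.
FAKE_DER = b"constructed placeholder, not a real certificate"
SAMPLE = f"""<EntityDescriptor xmlns="{NS['md']}" entityID="https://idp.example.com/saml">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data><X509Certificate>
   {base64.b64encode(FAKE_DER).decode()}
  </X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleLogoutService Binding="{BINDING}HTTP-Redirect" Location="https://idp.example.com/slo"/>
  <SingleSignOnService Binding="{BINDING}HTTP-Redirect" Location="https://idp.example.com/sso/redirect"/>
  <SingleSignOnService Binding="{BINDING}HTTP-POST" Location="https://idp.example.com/sso/post"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

def clean_cert(text):
    """Drop BEGIN/END CERTIFICATE lines and whitespace; return bare base64."""
    body = "".join(l.strip() for l in text.splitlines() if "-----" not in l)
    if not base64.b64decode(body, validate=True):  # binascii.Error if not base64
        raise ValueError("empty certificate")
    return body

def location(idp, tag, binding=None):
    """Location of the first <tag> endpoint using the binding (any binding if None)."""
    for el in idp.findall(f"md:{tag}", NS):
        # Case-insensitive: the form says HTTP-REDIRECT, the URN says HTTP-Redirect.
        if binding is None or el.get("Binding", "").lower() == (BINDING + binding).lower():
            return el.get("Location")
    return None

def zoom_sso_fields(metadata_xml, binding="HTTP-POST"):
    """Collect the SSO form values from IdP metadata obtained from a trusted source."""
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    certs = [clean_cert(c.text or "") for k in idp.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")  # no "use" means signing and encryption
             for c in k.iterfind(".//ds:X509Certificate", NS)]
    sso = location(idp, "SingleSignOnService", binding)
    slo = location(idp, "SingleLogoutService", binding) or location(idp, "SingleLogoutService")
    if not certs or not sso or not sso.startswith("https://"):  # added sanity check
        raise ValueError("need a signing certificate and an https sign-in URL")
    return {"sign_in_url": sso, "sign_out_url": slo, "certificate": certs[0],
            "issuer": root.get("entityID"), "binding": binding,
            "cert_sha256": hashlib.sha256(base64.b64decode(certs[0])).hexdigest()}
```

Compare `cert_sha256` with the fingerprint shown for the signing certificate in the IdP console before saving the form.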

Items to confirm after configuration

  • To start SSO, SSO users need to use a browser to access https://yourcompany.zoom.us and log in.
  • When logging in from the desktop or mobile client, you need to enter the domain name of the vanity URL in SSO login.

Frequently Asked Questions

 

To access Zoom’s web portal, you need to sign in to your Zoom account. The single sign-on option can be found in the Advanced menu under the navigation menu. In the top right-hand corner of the screen, click the Edit button. In the Service Provider (SP) Entity ID section, check or uncheck the option to automatically manage the certificate.
 
With single sign-on (SSO), Zoom users can sign in using their company credentials in addition to their standard Zoom account login credentials, for a more seamless experience.
 
The most likely cause of this type of error is a failure to clear your browser’s cache and cookies (here are some instructions on how to clear the cache and cookies for the Chrome browser, and here are instructions on how to clear the cache and cookies for the Firefox browser). If you are using Chrome, you might also be able to log in using the Incognito Window in order to see if that helps.
 
If SSO is not used to access the Zoom App, you can log in only with a username and password.
  1. Go to https://zoom.us/account and log in with your Zoom account information.
  2. As long as the managed domain setting is enabled, it is okay to proceed. The following procedure should be followed if no settings have been set.
  3. The managed domain can be added by clicking the Add button next to it.