Configuring external authentication for K-12 schools in Zoom App

Zoom authentication profiles are used to allow students under 16 years of age to join Zoom meetings safely and securely without needing to create a Zoom account, allowing them to participate in meetings without ever creating a Zoom account themselves and prevent unauthorized participation from outside the school.

Students do not need to be logged into your Zoom account in order to use external authentication, they only need to make use of their school email address.

Frequently asked questions about external authentication for K-12 schools can be found at Frequently Accessed Questions About External Authentication for K-12 Schools.

Note : 

Admins can authorize authentication exceptions with authentication profiles in order for guests to bypass authentication and join meetings without having to authenticate. An example is if, a school authenticates the participants in a meeting against their school IDP, then there is a possibility of creating an exception that will allow a guest lecturer to attend that meeting.

Authentication requirements for K-12 schools seeking external authentication

  • Account type: Pro, Business, Education, or Enterprise
  • You have the right to be the owner or administrator of the account
  • account
  • account, where you have admin rights for your identity provider
  • for the Zoom desktop client:
    • Windows: 5.0.0 (23168.0427) or higher
    • macOS: 5.0.0 (23161.0427) or higher
  • for the Zoom mobile app:
    • Android: 5.0.0 (23161.0427) or higher
    • iOS: 5.0.0 (23161.0427) or higher
  • for the Zoom web client

What are the steps for configuring external authentication

You can create a new authentication profile in your Zoom account once the SAML configuration has been set up with your identity provider.

  1. If you are already a Zoom admin, you will be able to edit your account settings by logging into the Zoom web portal.
  2. Go to the account management tab, then account settings, and you will see the option.
  3. On the meeting schedule page, scroll down until you see Only authenticated users can attend meetings.
  4. Click the +Add Authentication Configuration button next to Meeting Authentication Options.
  5. You will then be prompted to enter a name for the Meeting Authentication option.
  6. Select Sign in to external single sign-on (SSO) by choosing its checkbox under Select an authentication method.
    After selecting Sign in to external single sign-on (SSO), the remaining fields should match those of your identity provider.
  7. Click Save.
    As a result of enabling the Only authenticated users can join setting on your account, users will now have the ability to schedule a meeting using this authentication profile.
  8. It is possible to enable or disable the Only authenticated users can join meetings toggle for each user on your account depending on whether you want this setting enabled or disabled by default.
    Click Enable or Disable on the verification dialog box if one appears to confirm the change has been made.
Note :

Click the Lock next to the setting at the account or group level and click Lock to confirm the choice. If you want to make this setting mandatory for all users in your account or for a specific group, please click the Lock next to the setting.

Configuring external authentication with G Suite

Read it also –

Viewing Recordings With External Single Sign On In Zoom App
Creating A Shared Directory Of External Contacts In Zoom App

Frequently Asked Questions

Click Settings from the navigation menu at the top of the page. In the Meetings tab, click on the Meetings button.The Only authenticated users are allowed to participate in meetings toggle can be found under Security and can be used to enable or disable it. Click Enable or Disable to verify the change in the event that a verification dialog appears.
A Zoom internal user is a user who is part of your Zoom account and belongs to it. Users that are external to your Zoom account are users who aren’t part of your Zoom account. Contacts added by internal users to their contact list are external Zoom users who have been added to their contact directory by external Zoom users.
Auth0 is used in the Zoom Single Sign-on (SSO) Integration to provide authentication and SSO capabilities for the Zoom Client Application created by the integration. Users of Zoom sign in using Auth0 identity providers, which means the identity provider performs the authentication of the users’ identity credentials in Zoom.
Next to the Authentication Exception field, select ‘Add’ and then click on it. If you are registering a person with Zoom, you will need to enter their name and email address. By selecting ‘Add Participant’, you will be able to add multiple people to the list. After you have added all the participants, you will need to save the form.
Participants need to sign into Zoom before they can participate in a Zoom meeting if they are using the Only authenticated users can join meetings option. In some circumstances, you may want to restrict your participant list only to those participants who are verified or those who are members of a particular organization.
If Zoom detects that you are attempting to log into your account from an unknown or not often used location, method, browser, or device, we will send you an OTP code to your registered email address. This could be due to a user logging in from a strange location, method, browser, or device. If you forgot your Zoom password and need to reset it, you may also receive a verification code to the email address you provided.
Android | iOS
  1. Open the Zoom app on your mobile device and sign in to your account.
  2. On the left side of the screen, tap the Contacts tab.
  3. You can invite a Zoom contact by tapping the add icon in the top-right corner of the screen.
  4. If you want to add a new contact, you will have to enter their email address.
  5. Click on the Add button.
  6. If you have any additional contacts, you should repeat the process.

Related Articles