Getting started with associated domains in Zoom App

This post was most recently updated on July 28th, 2022

The associated domains allow you to add or create users whose email addresses match your organization’s domain (such as @zoom.us) in the same way that you would add or create users otherwise. Once the domain associated with your Zoom account has been verified, you can enable an option to ensure that all new or existing users with that domain will be prompted to join your account whenever they sign in to Zoom. In addition to the ability to insist on single sign-on login methods, adding an associated domain will also allow you to force one.

Following the approval of your associated domain, you will be able to learn more about advanced Associated Domain configurations and their effect on users.

Prerequisites for associated domains

  • Your account can be either a Business, Enterprise, or an Education account
  • that has the permission to be an administrator or the account owner
  • with respect to a custom domain owned by your company
    Note:
  •  Specifically, some domains, such as @gmail.com and @outlook.com, are not allowable.

How to add a custom domain to your account

For your account to include a custom domain, follow these steps:

  1. Log in to the Zoom web portal as an admin that has access to the account settings, and you will be able to edit the account settings.
  2. Click on Account Management, and then on Account Profile to view the account settings.
  3. After you click on Account Profile, you’ll see the account settings.
  4. On the Associated Domains tab, click + Add Additional Domains to add more domains to the account.
  5. If you want to add a domain (or multiple domains), you should enter their names (separated by commas) in the Add Associated Domains dialog box, and then click the Add Domains button.
  6. If you just added the domain name to the associated domains list, there is a button that says Verify next to it.
  7. The Verify your domain dialog box allows you to select one of the methods for verification. Once you have selected a method, click Next.
  8. Once the next page appears, you will need to follow the instructions.
    Each of the methods of verification appears on a different page:

    • How to add TXT records to your domain
    • By uploading an HTML file to your domain
    • and including the *meta> tag in the website’s header
    • header
    • header, you should contact Zoom Support for manual approval
  9. After you have added or uploaded the appropriate information, you will be prompted to check the checkbox that states that that information has been added or uploaded.

Next to the domain, you will see the label (Verifying), which shows that verification is in progress. During this time, the domain can show the Verified label until it becomes verified itself, at which point it will show the Verified label. It could take one hour or several days to verify a transaction according to the method used.

Please click on View Verification Details if the verification does not occur within the anticipated time frame. As you can see, this shows the steps in the verification process for your chosen verification method. If possible, you can retry the verification steps if they cannot be completed correctly. In order to complete this process, you need to click on Verify Again if you need to retry the steps.

How to manage associated domains and accounts

In the event that you add and verify your domain, you will be presented with the option to manage accounts for the same domain, and you can choose to allow users with the same domain to consolidate into your account.

Note:

It is possible for a user to skip joining the account when they receive a notification to participate in the activity; however, this option can only be utilized twice. After being notified three times, the user will be forced to join to the account or create a new account when they are not already registered. The account will not be able to be unlocked if the user skips the third notification.

You can manage your associated accounts and domains using the following steps:

  1. The Zoom web portal can be accessed by logging in.
  2. Once you have logged in, you can access the Account Management page followed by the Account Profile page.
  3. To access the Account Profile page, click the Account Profile tab.
  4. The associated domains section allows you to view the domain names associated with your account and select the options you would like to enable.
    • It is possible to make use of multiple domains when creating a Zoom account: If a user attempts to create a Zoom account using an email address at a particular domain, they will be instructed to choose a different email address to use. You will be required to change the email address of customers with this domain who do not have an account with your business.
    • Adding the option to allow users from the same domain to bring their accounts together into one: Existing users will be prompted to transfer their accounts to the managing account or change their login information to use a different e-mail account. Before they are forced to choose between the two options, they will be able to sign into their account for a maximum of three times.
    • Signing up for Zoom using an email address associated with users’ domains should be allowed. Users will be able to get a Zoom account if they use an email address that corresponds with their domain. In the example above, users may sign up with their name@mydomain.com if the domain associated with the account is mydomain.com. In this case, a confirmation email will be sent to the signup users. It will be asked of them if they would like to consolidate into the managing account or if they would like to change their email address after signing in. In order to enable this setting, it must be enabled initially through the Manage users with the same domain option, a setting that is disabled by default.
      It should be noted that to allow users within the same domain to consolidate into this account, the Allow users within the same domain to consolidate into this account setting must be enabled. If users are forced to use SSO in order to sign in, this setting can’t be enabled.
  5. Press Save.
    Users will be able to see their summary when configured.
  6. Click View User Summary (optional) to notify existing Zoom users of the domain change. If any existing Zoom users exist with this domain, click Send an Email to notify them.

Please refer to the article on advanced Associated Domains configuration for details on how these configurations affect users and how they are notified.

How to view existing associated domains

Click on the following link in order to view the existing domains associated with it:

  1. Sign in to the Zoom web portal by entering your email address and password.
  2. After entering your email address and password, click the Account Management tab and then the Account Profile tab.
  3. Afterwards, you will see a list of your account information.
  4. You can access your associated domains under the Associated Domains section of the account management page by clicking on the domain name.
    • Upon verification, you will be able to view a summary of your verified users and see how many of them are already in your account as well as how many are not.
    • Depending on whether the domain has been verified or not, you can either verify it or delete it.

Note:

Zoom Technical Support will need to be contacted by the account owner or an admin in order to remove an associated domain which is a verified domain.

How to require single sign-on login with associated domains

It is possible to enforce SSO login with the associated domain after it has been verified.

As a requirement, SSO login will be required with domains associated to the account:

  1. The Zoom web portal can be accessed by signing in to the site.
  2. Then select Advanced then Security from the navigation menu.
  3. If you want to enable or disable the ability for users to sign in with Single Sign-On (SSO), please click the toggle next to the Sign-in Methods.
  4.  Please click the check box that says Require users to sign in with SSO if their email address belongs to one of the following domains.
  5. You can choose the domains by clicking the drop down box.
  6. If you would like to require all domains that you would like to use to sign in with SSO, click on the check boxes.
  7. Under Specify users who can bypass SSO sign-in, you need to click + Add Users if there are specific users that need to bypass SSO and log in using an email address and password instead of using their existing account. The email addresses of each participant should be entered, separated by commas.
  8. Then click Save.

Note:

In addition, you will be sending an email asking new SSO users who do not have a domain associated with their account to confirm their email address.