How to Set up basic SAML mapping in Zoom App

When using a SSO solution such as Zoom via SAML mapping, the default License Type can be set for each user. Also available are mappings for specific SAML attributes, such as phone number, first name, last name, pronouns, and department, which are sent by your Identity Provider. In this way, the identity provider can automatically pass this information. Unless mapped to an Employee Unique ID, Zoom will only map an email address at first login. First name and last name are automatically mapped to Zoom, but you can choose to have them updated at every SSO login. Each field is mapped separately at each login.

By relying on the attribute values passed, you can also assign a user add-ons, roles, or groups.

Prerequisites for setting up basic SAML mapping

  • In Zoom, you can be an owner or an admin
  • If SSO is configured

How to set up basic SAML mapping

SAML must be configured on your Identity Provider (IdP) in order for it to be functional, meaning that you must configure the parameters that go with SAML attributes and the values they entail. You will be able to configure the SAML mappings in Zoom as soon as possible after you have configured SAML mappings in your Identity Provider.

  1. Upon logging in, you will be able to access Zoom’s web portal.
  2. At the top of the page, click Single Sign-On, then Advanced.
  3. Click Save after selecting the SAML Response Mapping.
    The SAML specification includes the following attributes in the Basic Information Mapping section:
  • Default License Type:
  • By clicking on Edit next to the license type field, you can change the default license type. When a user selects None, they will not be able to access Zoom since by default, no account is created for the user and they will not be able to log in. It’s possible to grant access to Zoom to certain users by using SAML mapping technology, while denying access to other users. Furthermore, you can also make use of advanced mappings based on SAML, which would allow you to assign certain users a specific type based on the attributes that have been passed through.

You need to map all other fields to SAML attributes and enter their values, as they are passed by your identity provider when you click Map to SAML Attribute.

  • Email Address:
  • It is the email address of the user associated with their profile, and it is the email address that they will use when logging in to the IDP. Upon first login, this will be mapped to a unique identification code. Zoom uses this code to identify the current user.
  • First Name
  • Last Name
  • Display Name:
  • Typically used as a nickname or preferred name, rather than the actual name of the person.
  • Pronouns:
    • Zoom’s desktop client and mobile app displays users’ pronouns in their profile cards, if pronouns are enabled at the account level. During meetings and webinars, users will have the option of sharing their pronouns. Version 5.7.0 or higher is required for this feature.
    • Make sure this field cannot be updated by users:
    • Make sure that your IDP provides your users with their pronouns and prevents them from changing them.
  • Phone number:
  • Each user’s phone number. Each user is able to add up to three external phone numbers to their profiles through the customization process. Zoom Phone users are not able to use this number if they have Zoom Phone. Adding numbers with labels can be done by clicking on the Add Numbers with Labels option.
  • Company
  • Job Title
  • Location
  • Profile Picture
  • Personal Link Name:
  • The alias for the meeting URL that is used by each user for personal meetings. For example, you can go to https://mycompany.zoom.us/my/grant in order to make a grant request.
  • Department
  • Manager
  • Zoom needs to enable this feature for your account in order for you to use it. Once you contact support, please expect the feature to be enabled in a maximum of 3 business days.
  • Cost Center
  • Zoom Phone Ext Number:
  • Zoom Phone users can call this extension number. There are some reserved extension numbers.
  • Zoom Phone Number:
  • Zoom Phone users are able to call this number directly. Direct numbers can only be obtained by Zoom Phone users who have a Zoom Phone calling plan. Advanced SAML Mapping allows you to specify what kind of plan you want.
  • In order to assign a direct number to a user, the user must have a calling plan assigned.
  • Employee Unique ID:
  • This is the unique ID assigned to each employee. It can be used to simplify the process of changing an employee’s email address. It is recommended that you use *NameID> instead of your unique ID if it appears in the NameID element.
    Note :

    • After users have logged in with SSO, their unique employee ID will replace their Email address as their unique identifier.
    • The Associated Domain must be approved before you can configure this SAML attribute. 

If you want to edit or remove a value after entering it, click Edit or Clear.


Read it also –

How To Set Up Advanced Saml Mapping In Zoom
Administrator Saml Mapping Basic And Advanced In Zoom App
Zoom And Salesforce User Mapping

Frequently Asked Questions

 

When performing a Basic SAML Mapping on Zoom, your users can select from a list of available options a default License Type from a list of available options when logging into Zoom via SSO.  
Moreover, in addition to mapping the email address, first name and last name that have been passed to your Identity Provider by your Identity Provider, you can also map specific SAML attributes that are coming from your Identity Provider. Pronouns, phone numbers, and departments are some of the attributes that might be passed by the identity provider, as examples of these attributes.
Zoom desktop client
  1. To sign in with SSO, click on Sign In with SSO.
  2. Please enter the domain name of your company. For more information on how to obtain the domain for your company, please contact your Zoom administrator. The following steps need to be taken if you do not know the domain of your company, tap I don’t know the domain of my company, then enter your email address.
  3. The next step is to click Continue. Your single sign-on provider will redirect you to your sign-in page to enable you to complete the sign-in process.
Google Chrome
  1. When the developer console is open, press F12 to open it.
  2. In the Network tab, select Preserve logs, and then select the Preserve logs option.
  3. The issue needs to be reproduced.
  4. In the developer console pane, you should be able to find a SAML Post. After selecting the row you wish to view, you should go to the Headers tab at the bottom of the page. There is an attribute called SAMLResponse and it contains the encoded request, so find out what it is.
The SAML protocol works by exchanging information about a user between an identity provider and a service provider, such as login information, authentication status, identifiers, and any other attributes that are relevant to the user. Therefore, it facilitates a simpler and a safer authentication process since the user only needs to login with a single set of credentials, which simplifies and secures the authentication process.
Resolution
  1. You will be able to join the Zoom meeting or webinar once you have entered it.
  2. On the bottom of the screen, you will find a control named “Participants” ( ) which you can click once you have entered the meeting.
  3. There will be a Participant panel displayed on the screen. In the list of participants, find your name and click on it. …
  4. If you would like your name displayed in the way you desire, please enter it as you wish. The name you display in the meeting will be changed as soon as you click this button.
With SAML, users have the capability of logging in once and using their same credentials at other service providers with the same credentials, also known as Single Sign On (SSO).
SAML has the following main components:
  • Client application software. Authenticating into a web-based application requires the user to enter their username and password.
  • Identifier Provider (IdP) This is the server or authority that provides the client with authenticated access to the Internet.
  • Service Provider (SP) .
  • Identity Management Service/Single Sign-On (IDM/SSO) Service.

Related Articles

How To Set Up User Access For The Zoom App In Salesforce
How To Set Up Advanced Saml Mapping In Zoom
Administrator Set Up Zoom Rooms On Office 365
Administrator Set Up Zoom Rooms Using Google Calendar
How To Set Up Basic Saml Mapping In Zoom App
Administrator Set Up Zoom Room With Chrome Os
How To Set Up Kaltura Integration In Zoom App
Administrator Set Up Zoom Rooms On Exchange 2013 2016
How To Set Up The Slack Integration In Zoom
Set Up Cisco Unified Communications Manager Cucm With Zoom App