When using a SSO solution such as Zoom via SAML mapping, the default License Type can be set for each user. Also available are mappings for specific SAML attributes, such as phone number, first name, last name, pronouns, and department, which are sent by your Identity Provider. In this way, the identity provider can automatically pass this information. Unless mapped to an Employee Unique ID, Zoom will only map an email address at first login. First name and last name are automatically mapped to Zoom, but you can choose to have them updated at every SSO login. Each field is mapped separately at each login.
By relying on the attribute values passed, you can also assign a user add-ons, roles, or groups.
Prerequisites for setting up basic SAML mapping
- In Zoom, you can be an owner or an admin
- If SSO is configured
How to set up basic SAML mapping
SAML must be configured on your Identity Provider (IdP) in order for it to be functional, meaning that you must configure the parameters that go with SAML attributes and the values they entail. You will be able to configure the SAML mappings in Zoom as soon as possible after you have configured SAML mappings in your Identity Provider.
- Upon logging in, you will be able to access Zoom’s web portal.
- At the top of the page, click Single Sign-On, then Advanced.
- Click Save after selecting the SAML Response Mapping.
The SAML specification includes the following attributes in the Basic Information Mapping section:
- Default License Type:
- By clicking on Edit next to the license type field, you can change the default license type. When a user selects None, they will not be able to access Zoom since by default, no account is created for the user and they will not be able to log in. It’s possible to grant access to Zoom to certain users by using SAML mapping technology, while denying access to other users. Furthermore, you can also make use of advanced mappings based on SAML, which would allow you to assign certain users a specific type based on the attributes that have been passed through.
You need to map all other fields to SAML attributes and enter their values, as they are passed by your identity provider when you click Map to SAML Attribute.
- Email Address:
- It is the email address of the user associated with their profile, and it is the email address that they will use when logging in to the IDP. Upon first login, this will be mapped to a unique identification code. Zoom uses this code to identify the current user.
- First Name
- Last Name
- Display Name:
- Typically used as a nickname or preferred name, rather than the actual name of the person.
- Zoom’s desktop client and mobile app displays users’ pronouns in their profile cards, if pronouns are enabled at the account level. During meetings and webinars, users will have the option of sharing their pronouns. Version 5.7.0 or higher is required for this feature.
- Make sure this field cannot be updated by users:
- Make sure that your IDP provides your users with their pronouns and prevents them from changing them.
- Phone number:
- Each user’s phone number. Each user is able to add up to three external phone numbers to their profiles through the customization process. Zoom Phone users are not able to use this number if they have Zoom Phone. Adding numbers with labels can be done by clicking on the Add Numbers with Labels option.
- Job Title
- Profile Picture
- Personal Link Name:
- The alias for the meeting URL that is used by each user for personal meetings. For example, you can go to https://mycompany.zoom.us/my/grant in order to make a grant request.
- Zoom needs to enable this feature for your account in order for you to use it. Once you contact support, please expect the feature to be enabled in a maximum of 3 business days.
- Cost Center
- Zoom Phone Ext Number:
- Zoom Phone users can call this extension number. There are some reserved extension numbers.
- Zoom Phone Number:
- Zoom Phone users are able to call this number directly. Direct numbers can only be obtained by Zoom Phone users who have a Zoom Phone calling plan. Advanced SAML Mapping allows you to specify what kind of plan you want.
- In order to assign a direct number to a user, the user must have a calling plan assigned.
- Employee Unique ID:
- This is the unique ID assigned to each employee. It can be used to simplify the process of changing an employee’s email address. It is recommended that you use *NameID> instead of your unique ID if it appears in the NameID element.
If you want to edit or remove a value after entering it, click Edit or Clear.
Read it also –
|How To Set Up Advanced Saml Mapping In Zoom|
|Administrator Saml Mapping Basic And Advanced In Zoom App|
|Zoom And Salesforce User Mapping|
Frequently Asked Questions
What is SAML mapping on Zoom?
How do you set up SSO Zoom?
- To sign in with SSO, click on Sign In with SSO.
- Please enter the domain name of your company. For more information on how to obtain the domain for your company, please contact your Zoom administrator. The following steps need to be taken if you do not know the domain of your company, tap I don’t know the domain of my company, then enter your email address.
- The next step is to click Continue. Your single sign-on provider will redirect you to your sign-in page to enable you to complete the sign-in process.
How do I find SAML attributes?
- When the developer console is open, press F12 to open it.
- In the Network tab, select Preserve logs, and then select the Preserve logs option.
- The issue needs to be reproduced.
- In the developer console pane, you should be able to find a SAML Post. After selecting the row you wish to view, you should go to the Headers tab at the bottom of the page. There is an attribute called SAMLResponse and it contains the encoded request, so find out what it is.
How does SAML authentication work?
How do I change my SSO Zoom display name?
- You will be able to join the Zoom meeting or webinar once you have entered it.
- On the bottom of the screen, you will find a control named “Participants” ( ) which you can click once you have entered the meeting.
- There will be a Participant panel displayed on the screen. In the list of participants, find your name and click on it. …
- If you would like your name displayed in the way you desire, please enter it as you wish. The name you display in the meeting will be changed as soon as you click this button.
Is SAML the same as SSO?
What components are needed for SAML authentication?
- Client application software. Authenticating into a web-based application requires the user to enter their username and password.
- Identifier Provider (IdP) This is the server or authority that provides the client with authenticated access to the Internet.
- Service Provider (SP) .
- Identity Management Service/Single Sign-On (IDM/SSO) Service.