Advanced SAML mapping allows you to designate a Zoom license, add-ons, user roles, user groups, or IM groups based on a value being passed via SAML upon login. This can allow you to have certain users, for example university faculty, to receive a Pro license upon login, while other users, for example university students, receive Basic licenses upon login. You can also deny users access to your Zoom account using Advanced SAML mapping.
Advanced SAML mapping affects new users and also existing users upon their next login via SSO.
- Owner or Admin in Zoom
- SSO Configured
The SAML attributes and the corresponding values will need to be configured in your Identity Provider. Once you have configured them in your IdP, you can set up Advanced SAML Mapping in Zoom.
To set up Advanced SAML mapping in Zoom
- Login to your Single Sign-On Configuration page in the Zoom web portal.
- Click SAML Response Mapping.
- Scroll down to SAML Advanced Information Mapping.
- Click Add next to the item that you want to designate based on SAML value.
- User Type: Designate if this user should receive a Basic, Pro, Corp (for accounts using On-Premise) or None, which will deny the user access to your Zoom account.
- Add-on Plan: Designate if this user should receive an add-on plan, such as a Webinar or Large Meeting License. They will also need to have a Pro license assigned to them to use an add-on plan.
- User Role: Designate if this user should be an admin, member or a customized role (set up in Role Management).
- User Group: Designate if this user is added to a specific group. Groups are set in Group Management and can limit features and permissions.
- IM Group: Designate if this user is added to a specific IM group. Read more about IM management.
- Once you click add next to the item that you would like to set, you will need to enter the SAML Attribute, SAML Value and Resulting Value. You can add multiple SAML Attributes and/or values if you would like to designate different groups of users to receive different results.
- SAML Attribute: Enter the Attribute Name being passed by your IdP.
- SAML Value: Enter the value being passed by your IdP for this specific user or group of users.
- Resulting Value: Select how you want this user assigned in Zoom based on the SAML value.
- Add additional SAML mappings by clicking Add.
- Click Save Changes.