Configuring Okta with Zoom Follow

Overview

You can connect Zoom with Okta to use your company's Okta credentials to login to your account via SSO. There are two ways that you can configure Zoom with Okta. You can use the pre-built Zoom app in the Okta Application Network to automatically configure the Okta app for Zoom, or you can set up a custom app in Okta for Zoom. Configuring a custom app will allow you to pass additional information to Zoom and use advanced SAML mapping

This article covers:

Prerequisites

  • Zoom owner or admin privileges
  • Business or Education account with approved Vanity URL
  • Okta admin privileges

Instructions

Configuring Okta with the pre-built app

The pre-built app sends the email address as Name ID, first name, and last name. If you need to send additional attributes from Okta to Zoom, you will need to create a custom app.

  1. In Okta, go to Applications.
  2. Click Add Application.
    Screen_Shot_2017-12-11_at_8.48.19_PM.png
  3. Search for Zoom SAML.
    Screen_Shot_2017-12-11_at_8.50.38_PM.png
  4. Click Add.
  5. This will take you to the General Settings page.
    Screen_Shot_2017-12-11_at_8.54.36_PM.png
    • Application Name: You can leave this as Zoom SAML or rename as desired. 
    • Subdomain: Enter only the custom part of your Vanity URL. For example, if your vanity URL is https://mydomain.zoom.us, only enter mydomain
      Screen_Shot_2017-12-11_at_9.01.14_PM.png
    • Application visibility: Optional. Check the options if you want to make this app visible to your users.
  6. Click Done.
  7. Click the Assignments tab.
    Screen_Shot_2017-12-11_at_7.13.47_PM.png
  8. Click Assign and choose if you want to assign it to a person or a group. If you want to assign it to all users, click Assign to Groups.
    Screen_Shot_2017-12-11_at_7.13.56_PM.png
  9. Next to Everyone, click Assign.
    Screen_Shot_2017-12-11_at_9.04.01_PM.png
  10. Click Done.
  11. Click Sign On.
    Screen_Shot_2017-12-11_at_9.06.01_PM.png
  12. Click View Setup Instructions.
    Screen_Shot_2017-12-11_at_6.46.40_PM.png
  13. This will open instructions on how to configure SSO on Zoom. 
    Screen_Shot_2017-12-11_at_9.08.57_PM.png
  14. Copy the Sign-in Page URL, Sign-out Page URL, Identity Provider Certificate, and Issuer values from Okta into Zoom.
  15. For Service Provider (SP) Entity ID, choose the option without https.
  16. Change the Binding to HTTP-Redirect.
  17. In Zoom, choose Save Changes.
    73693caf-7a0b-4aef-8690-c10b6fadcc14.png
  18. Your setup is complete and you should now be able to sign in to Zoom with Okta. To test, logout of your Zoom account and click Log In at https://yourvanityurl.zoom.us

 

Configuring Okta with a custom app

  1. In Okta, click Add Apps.
  2. Click Create New App. Screen_Shot_2017-12-11_at_4.39.48_PM.png
  3. In the Create a New Application Integration window, select the following:
    • Platform: Web
    • Sign on method: SAML 2.0
      Screen_Shot_2017-12-11_at_4.39.48_PM.png
  4. Click Create.
  5. This will take you to the General Settings page.
    • App Name: You can give the app the name of your choice, something that will identify this as the Zoom app for you on the Okta side, eg. Zoom. 
    • (Optional) App logo: Upload the Zoom logo if desired.
    • (Optional) App visibility: Check these options if you would like the Zoom custom app to show to your users in Okta.
      Screen_Shot_2017-12-11_at_4.46.19_PM.png
  6. Click Next.
  7. This will take you to the Configure SAML page. 
    • Single sign on URL: https://yourvanityurl.zoom.us/saml/SSO
    • Check Use this for Recipient URL and Destination URL 
    • Leave Allow this app to request other SSO URLs unchecked
    • Audience URI (SP Entity ID): https://yourvanityurl.zoom.us
    • Default RelayState: Leave blank. 
    • Name ID Format: Select EmailAddress.
    • Application username: Select Okta username.
    • Click Show Advanced Settings
    • Response: Choose Signed
    • Assertion Signature: Choose Unsigned
    • Signature Algorithm: Choose RSA-SHA256.
    • Digest Algorithm: Choose SHA256.
    • Assertion Encryption: You can choose either. If you choose encrypted, you will need to check the option for encrypted assertions on the Zoom side. If unsure, leave as Unencrypted.
    • Enable Single Signout: Leave unchecked.
    • Authentication context class: Choose PasswordProtectedTransport.
    • Honor Force Authentication: Choose Yes.
    • SAML Issuer ID: Leave blank.
    • Attribute Statements
      Name Name format Value
      email Unspecified User.email
      firstName Unspecified User.firstName
      lastName Unspecified User.lastName
      Add any other attributes that you want to pass such as department, title, etc. 
    • Group Attribute Statements: Leave blank.
    • Preview the SAML Assertion: You can click to preview the SAML assertion.
  8. Click Next.
  9. This will take you to the Okta feedback page. Enter your feedback if desired and click Next.
  10. Click View Setup Instructions.
    Screen_Shot_2017-12-11_at_6.46.40_PM.png
  11. This will open your Okta setup details.
    24284c91-94bf-437b-98ea-03da290a4da1.png
  12. In a separate tab, login to your Zoom SSO page
  13. Choose Configure SSO Manually.
    Screen_Shot_2017-12-11_at_6.52.05_PM.png
  14. Copy the Identity Provider Single Sign-On URL in Okta and paste it into the Sign-in page URL field in Zoom.
  15. Leave Sign Out Page URL blank in Zoom.
  16. Copy the Identity Provider Issuer in Okta and paste it into the Issuer (IDP Entity ID) field in Zoom. 
  17. In Okta, copy the X.509 Certificate between the BEGIN CERTIFICATE and END CERTIFICATE lines (do not include these). Paste this into the Identity Provider Certificate field in Zoom.
    Screen_Shot_2017-12-11_at_7.03.35_PM.png
  18. In Zoom, for Service Provider (SP) Entity ID, choose https://yourvanityurl.zoom.us
  19. For Binding, choose HTTP-Redirect
  20. For security, leave all unchecked unless you choose to send Encrypted Assertions on the Okta side. 
  21. In Zoom, choose Save Changes.
    e2831c73-dd6b-4c32-8ad8-7354f2785fc9.png 
  22. In Okta, click the Assignments tab.
    Screen_Shot_2017-12-11_at_7.13.47_PM.png
  23. Click Assign and choose if you want to assign it to a person or a group. If you want to assign it to all users, click Assign to Groups.
    Screen_Shot_2017-12-11_at_7.13.56_PM.png
  24. Next to everyone, click Assign.
    Screen_Shot_2017-12-11_at_9.04.01_PM.png
  25. Click Done.
  26. Your setup is complete and you should now be able to sign in to Zoom with Okta. To test, logout of your Zoom account and click Log In at https://yourvanityurl.zoom.us
Was this article helpful?
Have more questions? Submit a request