Note: As our world comes together to slow the spread of COVID-19 pandemic, the Zoom Support Center has continued to operate 24x7 globally to support you. Please see the updated Support Guidelines during these unprecedented times.

Configuring Zoom with Azure Follow


You can connect Zoom with Azure to use your company's Azure credentials to login to your Zoom account via Single Sign-On (SSO). You can assign users Zoom licenses based on their group in Azure.

This article covers:


  • Zoom owner or admin privileges
  • Business or Education account with approved vanity URL
  • An Azure AD subscription

Adding Zoom from the Azure Gallery

Note: Screenshots in this article were taken using the default Azure theme. Your Azure portal will look slightly different if you changed the theme.

  1. Sign in to the Azure portal.
  2. Click Azure Active Directory in the left panel.
  3. Click Enterprise Applications.
  4. Click All Applications.
  5. Click New Application at the top of the window.
  6. In the Add from Gallery window, search for Zoom.
  7. Click Zoom in the Telecommunications category.
  8. Click the Add button on the right side.

Configuring Single Sign-On

  1. In the Azure portal, on the Zoom application page, click Single sign-on.

  2. Under Select a single sign-on method, select SAML.
  3. Click the edit icon for Basic SAML Configuration.
  4. Fill out the following fields:
  5. Click Save.
  6. To view the claims being passed by Azure, click the pencil icon in the UserAttributes section.
  7. Under SAML Signing Certificate, click Download next to Certificate (Base 64) and save it to your computer.

    Note: Check that the certificate's status is active. If it is listed as inactive, click the Edit button, and click Make certificate active.
  8. Click Save at the top.
  9. Scroll to Set up Zoom
    Note: You can also click View step-by-step instructions, to access the quick reference guide, and download your Azure AD Signing Certificate if you did not in step 7.
  10. Open a new browser tab/window and login to the Zoom web portal.
  11. Navigate to the Single Sign-On page.
  12. Copy the Azure AD Single Sign-On Service URL from Azure and paste it into the Sign-in page URL field in Zoom.
  13. Open the certificate you downloaded in Step 5 in a text editor. Copy the portion between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- and paste it into the Identity provider certificate field in Zoom.
  14. For Service Provider (SP) Entity ID, select the version of your vanity URL without https, eg.
  15. Copy the Azure AD SAML Entity ID from Azure and paste it into the Issuer (IDP Entity ID) field in Zoom.
  16. In Azure, click on All Services on the left.
  17. Search for and click App registrations.
  18. Click Endpoints.

  19. Copy the SAML-P Sign-out Endpoint and paste it into Sign-out page URL in Zoom.
  20. In Zoom, for Binding, select HTTP-Post.
  21. Click Save Changes.

Assigning Azure users and groups to Zoom

  1. In the Azure portal, click Azure Active Directory.
  2. Click Enterprise Applications.
  3. Click All Applications.
  4. Click Zoom.
  5. Click Users and groups.
  6. Click Add user.
  7. Click Users and groups.
  8. Search for the user or group you want to add.
  9. Click it and a check mark will appear next to the name.
  10. Click Select.
  11. Click Select Role.
  12. Select the role type that you would like to designate in Azure. This information will not be passed to Zoom. The Role type in Zoom will be set based on SAML Mapping. Alternatively, you can set up group mapping to have the role type passed on to Zoom.
  13. Click Select.
  14. Click Assign.


Setting up Group Mapping (Optional) 

Follow these steps if you want to the Azure user role to Zoom. See the previous section for instruction on how to assign a user role.

  1. In the Azure portal, click Azure Active Directory, then click App registrations.
  2. Select All apps in the drop-down menu.
  3. Select Zoom in the app list, then click Manifest to edit it.
  4. Find the property "groupMembershipClaims" and change the value from null to "SecurityGroup". This allows the group claim to be passed to Zoom.
    Note: The values are case sensitive.
  5. Click Save.
  6. Go back to main menu and click Azure Active Directory then Groups.
  7. Select the group that you want to create mapping for and copy the Object ID for future use.
  8. Log in to your Single Sign-On Configuration page in the Zoom web portal.
  9. Click the SAML Response Mapping tab.
  10. In the SAML Advanced Information Mapping section, click Edit then Add.
  11. Enter the following information:
    1. SAML Attribute: Enter If the above attributes doesn't work, use
    2. SAML Value: Paste the Object ID from step 7.
    3. ResultingValue: Select the expected user type for group members.
  12. Repeat steps 10 and 11 to configure additional group mapping for each user type.

Mapping Basic Information

  1. Login to your Single Sign-On Configuration page in the Zoom web portal.
  2. Click SAML Response Mapping.6b903e05-c5fa-415a-84fc-bf5a5945d950.png
  3. The first section of this page covers Basic SAML Information Mapping.
  4. Add the Source Attribute listed below for the corresponding value.
    Name Source Attribute
    Email Address
    First Name
    Last Name
    Phone Number

Set up Auto Provisioning in Azure AD

Auto-provisioning allows the management of users within Zoom from Azure. If a user is added to Azure and/or assigned the Zoom app, they will be provisioned in Zoom automatically. If the user is unassigned or deactivated in Azure, they will be deactivated in Zoom as well. 

  1. Sign in to the Azure portal.
  2. Click Azure Active Directory in the left panel.
  3. Click Enterprise Applications.
  4. Click Zoom.
  5. Click Provisioning.
  6. Fill in the fields under Admin Credentials:
  7. Click Test Connection, to confirm that Azure is able to connect to Zoom via API. 
  8. Leave the Default Mapping as below:
  9. Set Provisioning Status to On.
  10. Choose Scope.
  11. Click Save.