Basic SAML Mapping allows you to designate a default User Type when users login to Zoom via SSO. You can also map specific SAML attributes being passed by your Identity Provider to email address, first name, last name, phone number, and department in Zoom. This allows you to pass this information automatically from your identity provider. The first name, last name, and email address fields only map to Zoom upon first login. All other fields map each time a user logs in.
You can also use Advanced SAML Mapping to assign users plans, roles or to groups based on the attributes being passed. Read more about Advanced SAML Mapping.
- Owner or Admin in Zoom
- SSO Configured
The SAML attributes and the corresponding values will need to be configured in your Identity Provider. Once you have configured them in your IdP, you can set up Basic SAML Mapping in Zoom.
To set up Basic SAML mapping in Zoom
- Login to your Single Sign-On Configuration page in the Zoom web portal.
- Click SAML Response Mapping.
- The first section of this page covers Basic SAML Information Mapping.
- Default user type: Click Edit next to change the default user type. If you choose None, no Zoom account will be created for users by default and they will be denied access to Zoom. You will need to use Advanced SAML Mapping to assign some users Zoom access. You can also use Advanced SAML Mapping to assign different user types based on the attributes being passed.
- All other fields: Click Map to SAML Attribute to edit. Enter the SAML attribute as it is being passed by your identity provider.
- After entering a value, you can edit it by clicking Edit or remove it by clicking Clear.