Important Notice: Please update all of your Zoom applications to version 5.0 or higher. After May 30, 2020, all Zoom applications on older versions will receive a forced upgrade when trying to join meetings as GCM Encryption will be fully enabled across the Zoom platform. Learn more on how to update your Zoom application or update now.

Note: As our world comes together to slow the spread of COVID-19 pandemic, the Zoom Support Center has continued to operate 24x7 globally to support you. Please see the updated Support Guidelines during these unprecedented times.



Setting up basic SAML mapping Follow

Overview

Basic SAML Mapping allows you to designate a default User Type when users login to Zoom via SSO. You can also map specific SAML attributes being passed by your Identity Provider to email address, first name, last name, phone number, and department in Zoom. This allows you to pass this information automatically from your identity provider. Email address will be mapped only to Zoom at first login. By default, first name and last name are also only mapped at first login, but you can choose if you want them to be updated at each SSO login. All other fields map each time a user logs in. 

You can also use advanced SAML mapping to assign users plans, roles or to groups based on the attributes being passed. 

Prerequisites

  • Owner or admin in Zoom
  • SSO configured

Instructions

The SAML attributes and the corresponding values will need to be configured in your Identity Provider (IdP). Once you have configured them in your IdP, you can set up basic SAML mapping in Zoom.

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Advanced then Single Sign-On.
  3. Click the SAML Response Mapping tab.
    You will see the following attributes in the SAML Basic Information Mapping section:
  • Default user type: Click Edit next to change the default user type. If you choose None, no Zoom account will be created for users by default and they will be denied access to Zoom. You will need to use Advanced SAML Mapping to assign some users Zoom access. You can also use Advanced SAML Mapping to assign different user types based on the attributes being passed. 

For all other fields, click Map to SAML Attribute and enter the SAML attribute as it is being passed by your identity provider:

  • Phone number: The phone number attached to the user's profile. If you have Zoom Phone, this is not the user's Zoom Phone number. 
  • Personal Link Name: The alias used for the user's personal meeting URL. For example, https://mycompany.zoom.us/my/grant
  • Zoom Phone Ext Number: The extension number for Zoom Phone users. Some extension numbers are reserved
  • Zoom Phone Number: The direct phone number for Zoom Phone users. Users must have a Zoom Phone calling plan in order to have direct phone numbers. Calling plans can be specified in the Advanced SAML Mapping section. 
  • Employee Unique ID: The unique ID for the user. Use this for simplifying the process when users change their email address. If your unique ID is in the NameID element, enter <NameID> instead.

After entering a value, you can edit it by clicking Edit or remove it by clicking Clear.