Single sign-on allows you to login using your company credentials. Zoom single sign-on (SSO) is based on SAML 2.0.
Zoom acts as the Service Provider (SP), and offers automatic user provisioning. You do not need to register as a user in Zoom. Once Zoom receives a SAML response from the Identity Provider (IdP), it checks if this user exists. If the user does not exist, Zoom creates a user account automatically with the received name ID.
First, login at https://zoom.us/account/sso. If you have a paid business or education account, you will see this option.
Second, you need to apply for a vanity URL for your company, like https://yourcompany.zoom.us.
- Go to my Account and enter you desired vanity URL.
Third, configure your IdP to send us the following
- Any unique identifier linked to nameID such as edupersonTargetedID, persistentID or mail
- (Optional) Accepted attributes such are email (urn:oid:0.9.2342.19200300.
100.1.3), sn (urn:oid:184.108.40.206) and and givenName (urn:oid:220.127.116.11).
Lastly, enter your SSO information at https://zoom.us/account/sso. See the attached example from your idP xml metadata.
- Sign-in page URL: <SingleSignOnService>
- Sign-out page URL: <SingleLogoutService>
- Certificate: <X509Certificate> * Note: Remove the Begin Certificate and End Certificate"
- Issuer: <ID of EntityDescriptor>
- Binding: Choose http-post or http-redirect
- Default user type: Basic or Pro
Fourth, once configured, you can get the SP metadata XML file from : https://yourcompany.zoom.us/saml/metadata/sp
To start, all SSO users need to access https://yourcompany.zoom.us to login using a browser, or if you login from the desktop or mobile client, you need to enter domain name of your vanity URL under SSO login.