Single sign-on allows you to login using your company credentials. Zoom single sign-on (SSO) is based on SAML 2.0. Zoom works with Okta as well as other enterprise identity management platforms such as Centrify, Microsoft Active Directory, Gluu, OneLogin, PingOne, Shibboleth, and many others. Zoom can map attributes to provision a user to different group with feature controls.
Zoom acts as the Service Provider (SP), and offers automatic user provisioning. You do not need to register as a user in Zoom. Once Zoom receives a SAML response from the Identity Provider (IdP), Zoom checks if this user exists. If the user does not exist, Zoom creates a user account automatically with the received name ID.
- Business or Education account
- Approved Vanity URL
Note: If you don't already have an approved vanity URL, apply for your vanity URL (such as https://yourcompany.zoom.us) on your Account Profile page. You will need to wait for this to be approved before you can configure the SSO on the Zoom side.
First, configure your IdP to send us the following
- Any unique identifier linked to nameID such as edupersonTargetedID, persistentID, or mail
- (Optional) Accepted attributes are email (urn:oid:0.9.2342.19200300.
100.1.3), sn (urn:oid:220.127.116.11), and givenName (urn:oid:18.104.22.168).
Second, enter your SSO information at https://zoom.us/account/sso. See the attached example from your idP xml metadata.
- Sign-in page URL: <SingleSignOnService>
- Sign-out page URL: <SingleLogoutService>
- Certificate: <X509Certificate> *Note: Remove the Begin Certificate and End Certificate"
- Issuer: <ID of EntityDescriptor>
- Binding: Choose http-post or http-redirect
- Default user type: Basic or Pro
Lastly, once configured, you can get the SP metadata XML file from: https://yourcompany.zoom.us/saml/metadata/sp
Once configured, users can sign in with SSO.