The Zoom Community is here!
We welcome all Zoom customers to come together on the Zoom Community to ask questions, find solutions,
and collaborate with peers. Login with your Zoom account credentials and start collaborating!

Zoom Support Maintenance: 9/18/2021

Date and time: 9/18/2021 at 1PM PST for 10 hrs 30 min

We will be performing routine maintenance for Zoom Support. During this time, users may experience system delays or longer than expected wait times when contacting Zoom Support via phone, chat or web submission. All other request methods, based on your plan, will be available during this time. Please refer to https://support.zoom.us/hc/articles/201362003 for available contact options.

Affected components: Zoom Support Center

Quick start guide for SSO Follow

Overview

Single sign-on allows you to login using your company credentials. Zoom single sign-on (SSO) is based on SAML 2.0. Zoom works with Okta as well as other enterprise identity management platforms such as Centrify, Microsoft Active DirectoryGluuOneLoginPingOneShibboleth, and many others. Zoom can map attributes to provision a user to different group with feature controls.

Zoom acts as the Service Provider (SP), and offers automatic user provisioning. You do not need to register as a user in Zoom. Once Zoom receives a SAML response from the Identity Provider (IdP), Zoom checks if this user exists. If the user does not exist, Zoom creates a user account automatically with the received name ID. 

This article covers:

Prerequisites 

  • Business or Education account
  • Approved Vanity URL

Note: Without an approved Associated Domain, users will need to confirm to being provisioned on the account through an email automatically sent to them. Provisioning will take place without email confirmation for any users falling under an approved domain.

Configuring SSO

Note: If you don't already have an approved vanity URL, apply for your vanity URL (such as https://yourcompany.zoom.us) on your Account Profile page. You will need to wait for this to be approved before you can configure the SSO on the Zoom side. 

First, configure your IdP to send us the following

  • Any unique identifier linked to nameID such as edupersonTargetedID, persistentID, or mail
  • (Optional) Accepted attributes are email (urn:oid:0.9.2342.19200300. 100.1.3), sn (urn:oid:2.5.4.4), and givenName (urn:oid:2.5.4.42).

Second, enter your SSO information at https://zoom.us/account/sso. See the attached example from your idP xml metadata. 

  • Sign-in page URL: <SingleSignOnService>
  • Sign-out page URL: <SingleLogoutService>
  • Certificate: <X509Certificate>  *Note: Remove the Begin Certificate and End Certificate"
  • Issuer: <ID of EntityDescriptor>
  • Binding: Choose http-post or http-redirect
  • Default user type: Basic or Pro

Lastly, once configured, you can get the SP metadata XML file from: https://yourcompany.zoom.us/saml/metadata/sp

Once configured, users can sign in with SSO

Enabling or disabling automatic SSO certificate rotation

Admins can enable or disable a setting to automatically manage the SSO certificate. Zoom will automatically change the certificate when a new one is available. Admins can also roll back to a previous certificate. This setting is enabled by default.

For updates on new SSO certificates, see our release notes for Web.

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Advanced then Single Sign-On.
  3. Click Edit in the top-right corner.
  4. In the Service Provider (SP) Entity ID section, check or uncheck Automatically manage the certificate.