Getting started with associated domains in zoom app
By using associated domains, you can add and create users whose email addresses match the domains of your organization (e.g. @zoom.us). It is possible for you to enable a setting in Zoom to prompt all users who sign in with the specified domain to add Zoom as their account once you have verified your associated domain with Zoom. By adding a domain associated with your organization, you will also be able to enforce single sign-on login for your employees.
In addition to learning more about advanced Associated Domain configurations, you can also learn more about how they affect users once your associated domain has been approved.
Prerequisites for associated domains
-
Accounts for Business, Enterprise, and Education can be created here
-
Ownership or administrative privileges of the account
-
An organization’s own domain that is owned by the organization
Note: It is not possible to use some domains, such as @gmail.com or @outlook.com, due to their restrictions.
How to add a custom domain to your account
Your account can be customized by adding a custom domain by following these steps:
-
As an admin, you will be able to edit account settings when you sign in to the Zoom web portal as an administrator.
-
You can access your account profile by clicking on Account Management in the navigation menu.
-
Go to the Account Profile tab and click on it.
-
Click on the +Add Other Domains link under Associated Domains.
-
Click Add Domains to add one or more associated domains to your account by typing their names (separated by commas) in the Add Associated Domains dialog box. Click Done.
-
Click on the Verify button next to the newly added domain name under the Associated Domains section.
-
Choosing one of the methods for verifying your domain will allow you to proceed to the next step of the process.
-
Upon reaching the next page, you will be directed to follow the instructions.
Each of the methods of verification is displayed on this page in a different way:-
It is important to add a TXT record to your domain
-
Your domain should have an HTML file that you can upload
-
It is a good idea to add a meta tag to the home page of your domain
-
If you would like to request manual approval from Zoom Support, please submit a request
-
-
Upon adding the appropriate information or uploading it, check the check box that says that you’ve done so, and then click Verify Domain.
An indication that verification of the domain is in progress can be seen by the (Verifying) label displayed next to it. As long as the domain is still under verification, the label will remain there until the domain is considered verified at which point the label (Verified) will appear. Verification can take as little as an hour or as long as a few days, depending on the method used.
As a result, you can view verification details if verification has not been completed in the timeframe expected. If you don’t appear to be able to complete the steps correctly, you will see a screen that displays the verification steps for your verification method, allowing you to try again if necessary. To complete the process, click the Verify Again button if you need to retry the steps.
*Note: The TXT record will no longer be required by Zoom once the domain has been verified by Zoom.
How to manage associated domains and accounts
The admin allows you to add, verify, and manage accounts on multiple domains under one account, which allows you to consolidate accounts from multiple domains into one account after adding and verifying your domain.
Note: The user will have an option to skip joining the account when they receive a notification inviting them to do so. However, they will only be able to skip joining the account two times. Three times of notification will lead to a forced joining or new account creation. The account of a person who skips a third time will be locked.
Accounts and domains associated with a domain must be managed as follows:
-
Zoom’s web portal can be accessed by signing in.
-
Account Profile can be accessed in the navigation panel by clicking on Account Management.
-
Select Account Profile from the menu.
-
Check the boxes next to the options you wish to enable under Associated Domains.
-
Manage users in the same domain: The Zoom account creation process will prompt you to use a different email address if you use an email address from this domain. You will need to change the email address of all existing users of this domain who do not have your account.
-
Allow users with the same domain to consolidate into this account: Consolidating existing accounts or changing login email addresses will be offered to existing users. It will take them up to three attempts to sign in before a forced choice is made.
-
Allow users with the same domain to sign up for Zoom: Zoom accounts can be created using email addresses associated with domains. In this case, they could register using name@mydomain.com if their domain is mydomain.com. An email will be sent to these users to activate their accounts. Upon logging in, they will be offered the option of consolidating into the managed account or changing their email address. As a default, this setting is disabled and the option to Manage users with the same domain must be enabled in order to enable it for this setting to work.
Note: In order to allow users with the same domain to consolidate their accounts into one account, it must be enabled in the Allow users with the same domain to consolidate into one account setting. It will be impossible for you to enable this setting if you force your users to use SSO in order to sign in.
-
-
Click on the Save button.
It is possible to display the User Summary when it is configured. -
Click on View User Summary and then Send an Email to notify any existing Zoom users associated with this domain that they will need to update their information in order to use this domain.
Detailed information about the Configuration of Associated Domains, how they affect users, as well as notification to users, can be found in the article describing advanced configuration of Associated Domains.
How to view existing associated domains
If you would like to see all existing domains associated with your account:
-
Zoom’s web portal can be accessed by signing in.
-
Select the Account Management option from the navigation panel and then select Account Profile from the drop-down menu.
-
Go to the Account Profile tab and click on it.
-
A list of all domains related to your account is available under Associated Domains, along with a status indication of whether the domains have been verified.
-
Click View Users Summary if your account has verified your users, and then you will be able to see how many users match your criteria are already on your account as well as how many are not yet.
-
You can either verify the domain if it is not verified or you can delete it if it is not verified.
-
Note: It is imperative that the owner or administrator of the account contacts Zoom Support in order to request the removal of the associated domain.
How to require single sign-on login with associated domains
After you have verified a domain associated with this account, you can force SSO login using the domain associated with the account.
Note: To be able to use this feature, you must be able to manage users in the same domain.
-
Zoom’s web portal can be accessed by signing in.
-
You can access the Advanced menu by clicking on the Security link in the navigation menu.
-
To enable or disable Single Sign-On (SSO) for users, you can enable the toggle under Sign-in Methods, which can be found under Sign-in Methods.
-
The required SSO check box should be selected if the e-mail address of the user is associated with one of the domains listed below.
-
To select a domain, click on the Select Domains button.
-
Make sure the checkboxes of the domains which may be required to sign in through SSO are selected.
-
There is also an option to enable the bypassing of the SSO sign-in process for specific users, so that they can log in with their email address and password instead of logging in through SSO. Click on + Add Users under Specify users who can bypass SSO sign-in. Separate each address with a comma so that they can be contacted by email.
-
Save the file by clicking the Save button.
Note: It will be sent an email to new SSO users whose email addresses do not match the approved domain associated with your account and who require their email address to be verified.