Setting up basic SAML mapping in zoom App
By using Basic SAML Mapping, you can set a default License Type when users sign in to Zoom via SSO. Additionally, you can map SAML attributes passed by your Identity Provider to Zoom, such as email address, first name, last name, pronouns, phone number, and department. Your identity provider can automatically pass this data to Zoom. Zoom will only map an email address at first login, unless you begin mapping an Employee Unique ID. By default, first name and last name are only mapped at first login, but you can choose whether to have them updated at each SSO login. The remaining fields are mapped when the user logs in.
Advanced SAML mapping can also be used to assign users add-ons, roles, or to groups based on the attributes passed.
Prerequisites for setting up basic SAML mapping
- Owner or administrator of Zoom
- configured for SSO
How to set up basic SAML mapping
Your Identity Provider (IdP) must be configured with the SAML attributes and the values associated with them. Getting started with SAML mapping in Zoom is easy after you configure them in your identity provider.
- You will need to sign in to the Zoom web portal.
- To do this, click Advanced in the navigation panel.
- Click the SAML Response Mapping tab.
You will see the following attributes in the SAML Basic Information Mapping section:
- Changing the default license type is as simple as clicking Edit next. Zoom accounts for users will not be created automatically if you choose None, and they will not be able to access Zoom. It will be necessary to assign some users Zoom access while preventing others with advanced SAML mapping. A user type can also be assigned based on the attributes passed in advanced SAML mapping.
All other fields should be mapped to SAML attributes, which should be entered as they are passed by the identity provider:
- Email Address: The email address associated with the user’s profile and the email address they will use to access your IdP. At first login, Zoom will map this unique ID to this user, which is the default way for it to identify them.
- Username:
- The last name of this person
- This is a nickname or preferred name rather than their official name.
- Pronunciation:
- Zoom contacts are able to see users’ pronouns in their profiles as part of their profile card in the desktop client and mobile app when pronouns are enabled at the account level. Users will have the option to share their pronouns in meetings and webinars. A version of 5.7.0 or higher is required.
- Using your IdP, you can provide your users with their pronouns and prevent them from updating the field.
- Contact information: The contact information associated with each user’s account. Through profile customization, users can add up to three external phone numbers. There is no Zoom Phone number associated with this user. You can add phone numbers with labels by clicking Add Numbers with Labels.
- Organization
- Position
- City/State
- Photograph
- A user’s personal meeting URL is identified by an alias called “Personal Link Name.”. For instance, https://mycompany.zoom.us/my/grant.
- Organization.
- Administrator.
Please note that Zoom needs to enable this feature for you. The feature will be enabled in 3 business days after contacting support. - Cost Center
- Zoom Phone Ext Number: The extension number for Zoom Phone users. Some extension numbers are reserved.
- Zoom Phone Number: The direct phone number for Zoom Phone users. Users must have a Zoom Phone calling plan in order to have direct phone numbers. Calling plans can be specified in the Advanced SAML Mapping section.
- Employee Unique ID: The unique ID for the user. Use this for simplifying the process when users change their email address. If your unique ID iYou should enter *NameID> instead if your unique ID is in the NameID element.e unique ID will become the new unique identifier for each user after they have signed-in with SSO, and replaces their Email Address as unique ID.
- Configuring this SAML attribute requires your account to have an approved Associated Domain.
After entering a value, you can edit it by clicking Edit or remove it by clicking Clear.