Viewing recordings with external single sign-on in Zoom App
Authentication allows hosts to limit which participants will have access to cloud recordings by limiting them to those who are already logged in to Zoom and even to those whose email addresses contain a specific domain address, which can be configured by the host.
It is possible to configure a single sign-on process for external connections as an account administrator. External authentication allows you to use Zoom for external users without them being members of the Zoom account. However, the users must have an email address with a verified domain to be able to use Zoom. Please keep in mind that whenever you make this change, it will only have an impact on future cloud recordings that are made using this setting in the future. The authentication profile needs to be disabled and enabled again before any changes can be made to the settings in past cloud recordings, in case you want to make changes to those settings in past cloud recordings.
It is important for viewers to keep in mind that if they try to view a recording and don’t meet the minimum authentication requirements, such as not being logged in with the correct email domain and not being logged on to the account, they will receive a message that they do not have permission to view the recording.
As long as the host and administrator of a cloud recording do not change the share settings for that recording, the old link will continue to work even if the new share settings are updated.
-
If authentication profiles are enabled, administrators have the option of allowing authentication exceptions, which means that no matter what role guests hold, they are able to bypass the authentication process in order to view recordings regardless of their roles. It is possible to configure an exception that allows external users to view recordings of meetings if you authenticate meeting participants against their domain IDP.
-
Whenever a meeting administrator updates the authentication profile for a meeting, this update will only be applied to future meetings that are scheduled after this update is made. It is then necessary for the host or admin to enable or disable the authentication profile settings so that their changes will apply to the future meetings, or if disabling is not an option, they should change the authentication option instead.
Prerequisites for viewing recordings with external single sign-on
-
A Pro account, a Business account, an Education account, or an Enterprise account
-
User with a license
-
Recordings can be done via the cloud
How to configure external single sign-on
The authentication profiles that use single sign-on must be taken care of as a separate integration that does not already have an association with a Zoom SSO integration in place. Taking the following example as an example:
-
Okta: Make a custom app instead of using the pre-built Zoom app that comes with Zoom.
-
Azure: Set up an application called Gallery in the Azure portal.
In our Support article there is a lot of information regarding how to configure external SSO, as well as how to configure an authentication profile through external authentication to be included in the single sign-on process- for more information on how to configure external SSO, please take a look at our Support article.
How to configure the Azure app for authentication to view recordings
-
Access Microsoft Azure by signing in.
-
You will find Azure Active Directory in the navigation menu on the left side of the screen.
-
Click on Enterprise applications from the left navigation menu, which is located under Manage, and select All applications from the drop-down list.
-
Click on the + New application button at the top of the page.
The Browse Azure AD Gallery page will be displayed after you click on the button. -
You will need to type “zoom” in the Search application box on the left side of the screen.
-
The Zoom application can be found in your search results by clicking on the Zoom icon.
It will slide out a panel on the right side of the screen. -
Choose the Zoom application from the right panel and give it a name.
-
If you want to create an application for Zoom, click Create.
-
The Zoom application that you have just created should now be open.
-
Set up single sign-on with SAML by going to the left navigation menu and clicking on Manage.
-
It is possible to edit these fields by clicking Edit under Basic SAML Configuration.
-
Using the Edit button next to User Attributes & Claims, you can change the values in the fields.
-
-
Save your changes by clicking on the Save button.
-
Give this Azure user permissions to access this application by assigning them to the application as follows:
-
The Overview menu can be found on the left navigation bar of your Zoom application.
-
In the Assign users and groups tile, click on the Assign user and group button.
-
How to configure the Okta app for authentication to view recordings
Single sign-on makes it possible for you to sign into your Zoom account using the same credentials that you use at work to access your work network. It is possible to establish a connection between Okta, the identity provider (IDP), and Zoom, the service provider (SP), in order to be able to connect directly to the Zoom account of users who use Okta, the identity provider (IDP), and Zoom, the service provider (SP).
It is very simple to manage users to authenticate in order to view recordings once your Okta account has been configured with Zoom through these instructions.
Sign in to Okta as an admin
-
Make sure you are logged in as an administrator in Okta.
-
Click on the Admin button in the top right of the page to open the admin portal, which is located at the top of the page.
-
Click on the Classic UI button at the top of the portal to access the Classic UI.
-
You will now be taken back to your dashboard on Okta.
Add a new Zoom custom app to Okta
To learn more about how to add the Zoom custom app to Okta, please consult the Support article on how to do so.
-
Click Is Okta a customer or a partner? Add an internal app if you are an Okta customer.
-
Please select this checkbox under App type: This is an internal app made by our company.
-
Please click Finish to finish.
Connect Zoom and Okta to allow authentication to view recordings
A trusted relationship between Zoom and Okta is necessary for communication to occur.
FAQs?
All images and contents credit goes to support.zoom.us.com