Zoom

Capabilities overview

Zoom brings people and teams together to get more done in a frictionless and secure video environment. An easy, reliable, and innovative video-first unified communications platform provides video meetings, voice, webinars, and chat across all devices and spaces.

Zoom pricing page

Supported capability Required plan Details
Passwordless SSO Business plan Medium SSO tax
Automated provisioning Business plan SCIM 2.0 (create, remove, update accounts)
Password manager Any Auto-fill / Auto-capture

Prerequisites

Before enabling Zoom Single Sign-On you need to make sure you have vanity URL configured and approved. Here is the documentation for how to do it.

Guidelines for Vanity URL requests
OverviewA Vanity URL is a custom URL for your company, such as yourcompany.zoom.us. You can apply for a Vanity URL or use a suggested Vanity URL from Zoom. This subdomain is required for configura...

You will also need to collect idemeum SAML metadata values. Here is what you will need:

  • Identity Provider Entity ID
  • Identity Provider SSO URL
  • Identity Provider Public X509 certificate

Instructions for how to obtain your idemeum SAML metadata parameters are below.

How to obtain SAML metadata for idemeum
SAML metadata is the data that describes the information needed to communicate with a SAML endpoint. For example, if Identity Provider (IDP) X wanted to allow Service Provider (SP) Y to request SAML responses, IdP X would share its metadata with SP Y and vice-versa. Each idemeum tenant has associate…

Single Sign-On (SAML)

Configure SSO in Zoom

  • Log in to your Zoom account
  • On the left-hand side go to Advanced
  • Choose Single Sign-On and click Configure SSO Manually
  • For Sign-in Page URL you will need to enter Identity Provider SSO URL that you collected from idemeum metadata in the previous section
  • For Identity Provider Certificate you will need to enter Identity Provider Public X509 certificate from metadata file
  • For Issuer (IDP entity ID) enter Identity Provider Entity ID from metadata file
  • Use HTTP POST binding
  • Choose SHA 256
  • Since we are going to be using SCIM provisioning for Provision user section choose Prior to sign-in
  • Save changes

Configure SSO in idemeum

  • Navigate to your idemeum admin portal at https://[your domain].idemeum.com/adminportal
  • Click Applications in the left menu
  • Search for Zoom application and click Add App
  • Click SAML at the top navigation menu
  • Enter the subdomain for your Zoom vanity URL. For instance, if vanity URL is https://idemeum.zoom.us then we need to enter idemeum
  • Save configuration

Automated provisioning with SCIM

  • Enter basic parameters such as app name, company name, and developer contact information
  • From App Credentials section copy JWT token as you will need it to configure provisioning in idemeum
  • Return to Zoom app configuration in idemeum. Navigate to Zoom app provisioning section.
  • For Access Token paste the JWT token you got from zoom
  • Save provisioning configuration

Application entitlements

Before users can access applications you need to make sure you entitle applications to them. In idemeum admin portal navigate to Entitlements section to assign applications to your employees.