Hello Zoom Community,
Our group supports a very large user base of 5,000 and looking for the best method for automatic account provisioning tasks. We currently run a hybrid method JIT (Just in time) with Okta and API calls to disable accounts.
I'm looking for feedback from a Zoom admin that has deployed Azure AD automatic user provisioning. If you could please depict any pros or cons it would be greatly appreciated!
Link Below:
Gandolf,
Both Okta and Azure support automatic provisioning through SCIM, and they are fairly similar in nature. The primary benefit to both of them is that they let your IdP be the source of truth for your user status since it will create the new users when they are added to the Zoom application in the IdP (immediately in Okta and within 45 minutes in Azure), and will deactivate them when they are removed from the application as well (same timeframes). Additionally, if you enable the SCIM updates, if you update the email in the IdP, it will push the update to Zoom.
Since SCIM works in conjunction with SSO (pushing data vs. pulling data), there is no real negative to adding it. The only thing to be aware of is that any of the fields that are in the SSO advanced mapping section will still need to be managed through SSO since the SCIM parameters only update the basic mapping attributes.
If this answers you question, please feel free to go ahead and click on 'Accept as Solution'
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.