Group Sync via SCIM | Community
Skip to main content
M
Explorer
MattS
Explorer
December 16, 2022
Solved

Group Sync via SCIM

  • December 16, 2022
  • 3 replies
  • 21 views

Zoom really needs to consider adding a full group sync schema to their SCIM implementation so that enterprise customers can easily manage syncing active directory group membership to zoom. This is a foundational thing that would allow easier automation of group and role management. 

 

Currently there are two methods for syncing groups to zoom, and both are sub-optimal for enterprise scale. 

1. Group Sync via SAML. When user logs in via SSO identity provider can send group membership. This works on a small scale but (a) does allow full group membership, instead it syncs 1 group based on rank priority. (b) there are limits to the number of groups that can be passed in this method.

2. The SCIM user schema includes ability to pass named groups go zoom via a single attribute. However this is not practical without creating additional automation in the identity provider to create an attribute with group names.

 

Bottom line - the SCIM standard solved this issue by enabling ability to sync group membership. Zoom would need to add this to their SCIM implementation.

      Best answer by MattS

      FYI, looks like zoom finally enabled this feature. last Thursday (8/31/23) our azure groups assigned to the zoom app where automatically synced to zoom groups via SCIM. We can finally move away from advanced SAML mapping which has always been clunky and limited in capability. 

      3 replies

      Ray_Harwood
      Community Super Champion | Customer
      Ray_Harwood
      Community Super Champion | Customer
      December 16, 2022

      Zoom has a process for handling Feature Requests such as the one you describe. You can use this Zoom web page to enter your feature request for Zoom's consideration, since they don’t track suggestions entered in the Zoom Community:
      https://www.zoom.us/feed 

      M
      Explorer
      MattSAuthor
      Explorer
      December 16, 2022

      Yep, I am aware and have previously submitted an official feature request. I get the sense that its low probability it would go anywhere since the feature isn't directly related to any one product. It's more of a foundational thing. 

       

      Mostly posting here to see what others think. On that note It would be much better if zoom exposed feature requests more openly. 

      M
      Explorer
      MattSAuthorAnswer
      Explorer
      September 5, 2023

      FYI, looks like zoom finally enabled this feature. last Thursday (8/31/23) our azure groups assigned to the zoom app where automatically synced to zoom groups via SCIM. We can finally move away from advanced SAML mapping which has always been clunky and limited in capability. 

        Ray_Harwood
        Community Super Champion | Customer
        Ray_Harwood
        Community Super Champion | Customer
        September 5, 2023

        Thanks for the update, @MattS.  

        W
        Newcomer
        wetpineapple
        Newcomer
        February 26, 2024

        This is first post I can find on this issue. I have spent a few weeks with Zoom on this issue and they are not able to figure it out. Does anyone have a link or info on how to set up group mappings with Entra? I try to add a group claim and unable to for Zoom. Sounds like it should work from comments below. User provisioning works great, groups fail but I can't find the fix

        Ray_Harwood
        Community Super Champion | Customer
        Ray_Harwood
        Community Super Champion | Customer
        February 26, 2024

        Welcome to the Zoom Community, @wetpineapple.

         

        I don't often see folks here in the Zoom Community with SAML/SCIM-related questions (or answers).  Hopefully either @MattS or my buddy @Frank_TB might be able to assist!

        Terms & ConditionsAccessibility statement
        Copyright © Zoom Communications, Inc. All rights reserved.