Changing User Email Address with SSO Enabled

dfuentes · ‎2021-09-09

I recently performed an email address change in our IdP (Azure AD) and it resulted in a new Zoom account being provisioned instead of the previous account being updated to use the new email address. I then came across this KBA that states to contact support to get it changed: https://support.zoom.us/hc/en-us/articles/201362563-How-Do-I-Change-the-Email-on-My-Account-

Is there no way to have the email address change in our IdP to propagate to the existing Zoom account to be updated? We're starting to harden our security posture when it comes to users in higher-risk roles by changing their email address from our standard naming convention and I'd really like to avoid having to reach out to Support anytime there's an email address change.

colegs · ‎2021-09-09

Dfuentes,

Thank you for checking in with the Zoom Community!

You have 2 options for how to enable the email to be changed in the IdP:

1) If you have a unique id in the IdP, you can pass it in the attributes and map it to the Unique Id on the Zoom side. Once the user signs in to link those ids, you would be able to update the email on the IdP and Zoom would use the unique id to ensure that the correct user is updated.

2) If your IdP supports SCIM with Zoom, you can set that up so that changes are pushed to Zoom without the user having to sign in. The standard SCIM implementations are able to update the email address if it is changed in the IdP. As and FYI, using SCIM is a best practice since it also enables you to disable users if they are deactivated in the IdP, so you are able to keep the systems in Sync.

Hopefully that answers your question. If you found this response useful, please click on 'Accept as Solution'.

Communication

Productivity

Apps & Integration

Spaces

Employee Engagement