Showing results for 
Search instead for 
Did you mean: 

Does MFA work with SSO?


We are trying to solve the business problem of not allowing all employees to not use Zoom on their phones. We have some priveledge info in our chats and do not want it on all employee cell phones. We implemented SSO with the desktop client to make it easier for all to sign into Zoom chat when they login to their PC's. Then we noticed the chat feature is also viewable on the app from the app store. So we are now trying to implement MFA. This seems to work if you don't log in with SSO. So my question is how do I get the best of both worlds? Has anyone tried this?


Community Champion | Zoom Employee
Community Champion | Zoom Employee

Hello @WhatAmIDoing


 I am not sure that I am following your ask. SSO and MFA are basically the same things. A way for a user to authenticate to a device. So, it is an either or situation, but neither of them can keep users from downloading the app to their devices. You can do this through an IDP. Zoom uses Okta for our MFA so when employees log in to their account through our vanity URL {} then it will send them a push notification to their phone. (this is an old method now, but it is what we used to use) I do not know of a way to NOT allow users to download the app to their cell phones, but I would imagine that if you were using MDM (mobile device management) there is most likely a system configuration to block certain apps on your employees phones. 


So, when I say I do not know a way to stop it. I mean on the Zoom side, we do not have a setting that I am aware of to stop your employees from downloading the app to their phones. Let me confer with my colleagues and get back to you on this ask though. I am sure that I can help you further with this use case. 




If this response was helpful for you, please do not forget to click on the accepted solutions button!