cancel
Showing results for 
Search instead for 
Did you mean: 

SAML Response Mapping for "Employee Unique ID"

DBlankenship
Listener

Use Case:

I have a requirement to add a SAML Response Mapping to Employee Unique ID to avoid duplicate account creations when end users names change, specifically their email address.  This causes duplicate account creation and consumes a Zoom pro license.

 

Question:

If I enter <NameID> into the SAML Response Mapping for Employee Unique ID, what is the net effect to the end users when signing into their Zoom account using SSO?  Does <NameID> impact how end users authenticate using SSO or if they attempt to sign in with their email address and password at sign-on?

 

Thank you

Doug

1 REPLY 1

colegs
Community Champion | Zoom Employee
Community Champion | Zoom Employee

Doug,

 

So using <NameID> (or anything else for that is constant and unique for the user) will have not impact on the user experience.  The logic works like this:

 

1) First time the user signs in after you have mapped the Unique Id, it will associate that value to the user as their unique identifier.

2) User continues to use their email address to sign into SSO.

3) If in the future you change the user's email in your IdP, the user will start signing in using that email address.  When the response comes back with a different email but the known Unique Id, it will update the user's email in Zoom.

4) If for some reason you have to change the unique id (e.g. you switch IdPs), the user has to sign in with the known email address and the new Unique Id will be associated to their account.

 

I hope this helps.  If it answers your question, please click on 'Accept as Solution' below.