Showing results for 
Search instead for 
Did you mean: 

SSO login, auto-provisioning and exceptions




I'm setuping SSO in my business with Azure, I started long time ago, so it's possible some parts of my memories are missing, but I will take advantages of my notes.

I followed multiples documentations, Zoom and Microsoft ones, for records, main ones:

And 2 months ago, I was stuck in Zoom change regarding "The JWT app type will be deprecated", so put it on ice until OAuth will be available.

Now I'm back in, and I want to finish this installation, enable auto-provisioning, that's will be convenient but some accounts are not linked with AD, so I found a thread whom manage those special accounts/exceptions, and here here mentioning force SSO login, and add exception for work email connection but I'm not sure if it will be able to cohabitate with auto-provisioning.

As I understand, bypass provide ability to exceptions to login with email address, but it will be able to not be deleted by auto-provisioning ?

I still searching, but OAuth, previously JWT, is requested for auto-provisioning, right ?
SSO is functional, not forced but works 100%, so I'm questioning utility of OAuth.


Zoom Moderator
Zoom Moderator

Hey @stephane_payet I see that you have already opened a ticket with our Zoom support team. I would advise sticking with them to make sure your account and problem are resolved. If Zoom support was able to offer you a solution, kindly pass it along so that others in the community can ask a question that is similar to yours. 


Thank you! Let me know how else I can help within the community. 

Zoom Community Moderator

Have you heard about Zoom AI Companion? ➡️ Check it out!




Yes, I opened in parallel, my thread was marked as spam, so I doubled my chance.


It's pretty resolved, only need implement auto-provisioning and it will be finished.


For records, here are my results
I joined my domain to Zoom;
As soon it was associated I was able to tick Manage users with the same domain and Allow users with the same domain to consolidate into this account. The both options looks change anything in user side, my accounts appeared to be created inside my Zoom account so nothing to notice here.
Only one thing, when I ticked Allow users with the same domain to consolidate into this account it shown my a disclaimer saying there are x number of account to consolidate, but no one communicate to me, wait and see.
As soon Manage users with the same domain was enable, I also was enable to change as quoted here, I tested all bypass accounts are ok to login
More specific, if you put those bypass in login page it will connect as usual, if you put an SSO account it will login through SSO (no need to click on the key SSO)


Now I will wait this Thursday to implement auto-provisioning with OAuth and see if bypass accounts will also bypass auto-provisioning


I'll keep you informed