cancel
Showing results for 
Search instead for 
Did you mean: 

Sync Profile pictures from Azure AD

ctaveras
Listener

I am trying to Sync Azure AD Profile pictures for all users to Zoom

I am trying to find info on this but cannot  find any valid documentation anywhere.

 

I found articles with people using ADFS to do this but i got rid of ADFS not going back.

 

Does anyone have any information on whether this is possible, I have an ongoing tickect with support but were going in circles

9 REPLIES 9

RN
Zoom Moderator
Zoom Moderator

Hey @ctaveras, The best way for your picture mapping is on your organization public running in HTTPS, so you can path the picture on your mapping using the HTTPS (secure channel) and also accessible publicly (not behind the firewall). 

Also on the mapping, you should use the transformation. And follow the info below:
Name: profilepic
Source: Transformation
Transformation: Join()
Parameter1: https://your-image-server/picture example https://mydomain.com/picture (your naming convention for your save picture on the server should be same as on your user principal name)
Parameter2: user.principalname. . You can see the user principal name at user profile -> "User Principal Name"

​​​

 

You just need to have the direct URL for each photo of the users. Let me know if this provides you with some guidance! 

_______________________________________________________

Leverage cool features and how to's from the Community Center. If my reply helped, don't forget to click the accept as solution button! ⤵️

RN
Zoom Moderator
Zoom Moderator

Hey @ctaveras, just checking in on my reply! Just curious if this was helpful! 🙂

_______________________________________________________

Leverage cool features and how to's from the Community Center. If my reply helped, don't forget to click the accept as solution button! ⤵️

DDIT
Listener

Hello. I found this discussion from a google search. I understand the reply from @ctaveras , but that assumes we host our users profile pictures on a public website, which we don't. We would like to use the Azure AD profile picture, which can be discovered in the Graph API here: https://graph.microsoft.com/beta/me/photo/$value

 

However, simply creating a new claim in Azure AD and setting this as the value and creating a mapping in the ZOOM SAML Mappings doesn't work. When logging in as a user, the claim resolves to the value of "https://graph.microsoft.com/beta/me/photo/$value", not the actual user photo.

 

I'm obviously doing something wrong here. Has anyone got this working? Please post your suggestions and tips.

Thanks.

glynch27
Listener | Zoom Partner
Listener | Zoom Partner

Was there ever a resolution to this where Graph was successful?

DDIT
Listener

Hi @glynch27  I'm still waiting for someone to post an answer. Considering Zoom's popularity, I'm surprised more people aren't asking this question and/or offering the answer. Some huge org's must have achieved this. Perhaps  I'll raise a support ticket or ask on reddit.com/r/Zoom as well. I'll post the answer here when I find it!

glynch27
Listener | Zoom Partner
Listener | Zoom Partner

I am surprised as well and from a Graph API standpoint, it's fairly easy to implement into Zoom (from a dev perspective).  I'll bring this up to the channel teams as a feature request, but I think the subreddit request and in other places may create more traction.

 

For what we're able to do currently (SAML assertion), we would need to broker the image somewhere and get the user values which is crazy for us supporting large orgs (ourselves as a partner and MSSP/MSP).  Since the graph permissions are already in-place, it's an easy association of pulling the largest photo from graph and applying it to the Zoom user and could be an easy option to toggle on/off.

Very keen on some assistance here myself. It's almost 2am and I'm struggling to believe how difficult this is to achieve. We've enabled Single Sign-on, auto provisioning, and SAML response mappings and all of those are working... but I'm really struggling to find further guidance for the Profile Picture. I will watch this thread with eager anticipation of a simple solution for what seems like it should be a trivial problem.

 

cheers all

DDIT
Listener

@JCarvell or @glynch27 

Whilst I don't have an answer to this yet, I'm wondering if you could offer some advice on a related matter. Although we provision Zoom user accounts automatically from Azure AD, I still need to go into each account in Zoom, manually set the time zone, preferred date format (dd/mm/yyyy) and set the time zome to 24-hours. Have you worked out a way to automate or sync this from Azure? These configurable options don't appear under SAML mappings, nor anywhere else in Zoom Accounts Settings as far as I am aware. Thanks in advance.

glynch27
Listener | Zoom Partner
Listener | Zoom Partner

@DDIT @JCarvell -- Hopefully this thread will bring traction from the team, and I still need to ping my resources at Zoom to see if this is road mapped.  

 

A majority of this is very easy work but like most, it's in a bucket of hundreds of other to-do's and prioritizing it to the top can be difficult.  Especially with recent larger deals of 100k+ seats from Citi and other orgs, I find it difficult to understand some of the core basics still need addressing but, I have full confidence that they will eventually iron this out.

 

The big ones are ones you already mentioned-->

 

  • Allow the ability to sync profile picture and grant access on behalf of the company to allow all users to share profile pictures.  This process is the same as what's used for OAuth calendar and contacts sync.
  • Ability to set default time zone and / or pull IdP integration time zone (Okta, Duo, Azure, etc.) for the user

Then there's the one not really related to this thread but is in the same bucket for me to fix the "oddly not here" settings-->

  • Ability to set default caller ID (a frequent one in the forums

SAML response is limited on some of this, however, I could see time zone being incorporated and updated upon login in case the user has changed time zones.