SSO login, auto-provisioning and exceptions | Community
Skip to main content
S
Newcomer
stephane_payet
Newcomer
May 10, 2023
Question

SSO login, auto-provisioning and exceptions

  • May 10, 2023
  • 2 replies
  • 19 views

Hello,

 

I'm setuping SSO in my business with Azure, I started long time ago, so it's possible some parts of my memories are missing, but I will take advantages of my notes.

I followed multiples documentations, Zoom and Microsoft ones, for records, main ones:

And 2 months ago, I was stuck in Zoom change regarding "The JWT app type will be deprecated"

https://developers.zoom.us/docs/platform/build/jwt-app/, so put it on ice until OAuth will be available.

Now I'm back in, and I want to finish this installation, enable auto-provisioning, that's will be convenient but some accounts are not linked with AD, so I found a thread whom manage those special accounts/exceptions, https://community.zoom.com/t5/Meetings/How-to-Exclude-Accounts-from-SSO/m-p/114444 and here here https://support.zoom.us/hc/en-us/articles/115005756143-Changing-account-security-settings#h_273b6e9f-a70b-4f3a-8b0e-d29f42fe01e8 mentioning force SSO login, and add exception for work email connection but I'm not sure if it will be able to cohabitate with auto-provisioning.

As I understand, bypass provide ability to exceptions to login with email address, but it will be able to not be deleted by auto-provisioning ?


I still searching, but OAuth, previously JWT, is requested for auto-provisioning, right ?
SSO is functional, not forced but works 100%, so I'm questioning utility of OAuth.

    2 replies

    R
    Community Manager
    rn-zm
    Community Manager
    May 15, 2023

    Hey @stephane_payet I see that you have already opened a ticket with our Zoom support team. I would advise sticking with them to make sure your account and problem are resolved. If Zoom support was able to offer you a solution, kindly pass it along so that others in the community can ask a question that is similar to yours. 

     

    Thank you! Let me know how else I can help within the community. 

    S
    Newcomer
    stephane_payetAuthor
    Newcomer
    May 15, 2023

    Heya,

     

    Yes, I opened in parallel, my thread was marked as spam, so I doubled my chance.

     

    It's pretty resolved, only need implement auto-provisioning and it will be finished.

     

    For records, here are my results
    I joined my domain to Zoom; https://support.zoom.us/hc/en-us/articles/203395207-Getting-started-with-associated-domains
    As soon it was associated I was able to tick Manage users with the same domain and Allow users with the same domain to consolidate into this account. The both options looks change anything in user side, my accounts appeared to be created inside my Zoom account so nothing to notice here.
    Only one thing, when I ticked Allow users with the same domain to consolidate into this account it shown my a disclaimer saying there are x number of account to consolidate, but no one communicate to me, wait and see.
    As soon Manage users with the same domain was enable, I also was enable to change as quoted here https://community.zoom.com/t5/Meetings/How-to-Exclude-Accounts-from-SSO/m-p/114444, I tested all bypass accounts are ok to login
    More specific, if you put those bypass in login page it will connect as usual, if you put an SSO account it will login through SSO (no need to click on the key SSO)

     

    Now I will wait this Thursday to implement auto-provisioning with OAuth https://support.zoom.us/hc/en-us/articles/115005887566-Configuring-Zoom-with-Azure#h_01GYWGNMKSCHE7DQ1B8Z8QKFP0 and see if bypass accounts will also bypass auto-provisioning

     

    I'll keep you informed

    Terms & ConditionsAccessibility statement
    Copyright © Zoom Communications, Inc. All rights reserved.