Zoom

Before We Dive In:

  1. You need a Zoom Business or Business Plus plan. For now, no Pro Account, please!
  2. You should be a boss (Admin) of both your Zoom account and your Privakey Passwordless SSO.

Lets Do it - Set Up Zoom and Privakey!

1. Get Prepared! Get an approved 'Vanity URL' in Zoom

You may already have a vanity url - such as `companyname.zoom.com``. If so - skip to step Configure Privakey and Zoom.

Don't have a Vanity URL? Zoom has great instructions on how to get a Vanity URL here .

It's very simple. Basically you need to:

  1. Log into Zoom as an administrator.
  2. Click on Account Management > Account Profile link
  3. Scroll down to the section Vanity URL and follow the instructions to apply for a vanity url.

That's it. It can take up to 24 hours for your vanity URL to be approved, but it usually is much quicker! That was easy, right? 👍

Once your Vanity URL is approved you can continue with configuration.

2. Configure Privakey and Zoom

A). Configure Zoom in Privakey

  1. Head over to Privakey: Go to Privakey SSO and log in link .
  2. Click on "Admin" at the top.
  3. Choose "+Configure New Service Provider" (found at the bottom the Configured Service Providers section), and on the subsequent page just pick "Zoom" and hit “Configure”.
  4. Enter your Vanity URL you created in step 1 (or the one you already had).
  5. Click "Submit".

All done! ⭐

We're done here, but leave the Privakey Admin console open. We'll need some info from there in just a moment.

B) Configure Privakey in Zoom

OK - now we are going to input data that lets Zoom know about Privakey in the Zoom admin portal and turn on SSO.

  1. In Zoom, as an Admin, navigate, using the left hand navigation to Advanced > Single Sign On link
  2. You'll need to enter information from Privakey here.
  1. Go back to Privakey Admin Home Page, Select “Configure New Service Provider” and then on the card header **Show Privakey SAML configuration Data” to display your Privakey Passwordless SAML data. The following screen will show:

Privakey Metadata

Privakey SAML configuration Data Admin Portal Window

  1. Now, copy-paste the info from Privakey Admin Portal Window into Zoom (to copy a value from Privakey just click on the icon.) There are also a few things you'll need to configure:
  • Copy Privakey SSO Login URL and paste it to the Sign-in Page URL in Zoom.
  • Copy the Privakey SSO Logout URL and paste it to the Sign-out Page URL in Zoom.
  • Copy the Privakey SSO Certificate - No Headers from Privakey (by clicking the button Copy Certificate (NH)) and paste in the Identity Provider Certificate field.
  • Leave Service Provider (SP) Entity ID unchanged. It will be showing your Zoom Vanity URL.
  • Copy the Privakey SSO Entity ID value and paste it in the Issuer (SP) Entity ID field in Zoom.
  • Leave Binding set to HTTP-POST
  • Signature Has Algorithm is should be set to SHA-1
  • In Security
    • Do not check. This is important. Do not check:
      • Sign SAML request
      • Sign SAML Logout request
      • Support encrypted assertions
    • You can check ⚖️
      • Enforce automatic logout after user has been logged in for select days. This is optional, but you can require you users to periodically re-sign into Zoom.
      • Save SAML response logs on user sign-in. Sure, if you want to, you can save this. We don't.
  • Provision User. This one is up to you. 😀
    • Choose At Sign-in if you want everyone who is set up in Privakey SSO to have access to Zoom.
    • Choose Prior to Sign-In if you want to only allow access to Zoom to those users whom you have explicitly added to Zoom.
  1. Save your changes!

That's it! That was the hard bit. Your Privakey-enabled users can now access Zoom with Privakey.

But they can still access Zoom with username and password! So - you have few choices to make...

C) Choose your Zoom Security Options

So - now your users can sign-in with username and password and Privakey SSO. If you never adjusted Zooms Security Settings they may be able to log in with Google, Facebook and Apple ID too!

It's easy and straight forward to adjust this. In Zoom navigate to Admin > Advanced > Security link .

There are lots of options here - but they're all straight forward.

Make sure Allow users to sign-in with Single Sign-On (SSO) is toggled on. If you want to enforce sign-on with SSO you can tick *Require users to sign in with SSO if their e-mail address belongs to the domains below. This is a great idea to secure access to Zoom. However, if you want to give your users options feel free to leave this un-ticked.

Also - review the options for Google, Facebook and AppleID. We recommend you turn those off if you're not actually using them.

OK - that's really it. You've set up Zoom and configured access for users.

Using Privakey SSO with Zoom

To log in with Privakey SSO you have two options.

  1. Just click on the Quick Access link it the Privakey SSO Access Manager. See Access Manager
  2. Go to your Vanity URL and you'll see the following Login Screen:

Zoom Login

  1. See the arrow pointing to SSO. You'll have to click that to get to SSO Authentication.

Turning Off Privakey SSO

We hope you don't want to, but if you must turn off Privakey SSO for access to Zoom you should go to Admin > Advanced > Security link in Zoom. Scroll down to Allow users to sign-in with Single Sign-On (SSO) and toggle it off. 😞


Document Version: 1.1 | January 17, 2024.