This guide is designed to explain how to establish a federation partnership with Zoom with Symantec SiteMinder.
- Federation capabilities are deployed in the SiteMinder Environment
- Protection policies for federation authentication URLs are in place
- You have admin access to a licensed business or education Zoom account
- Identity Provider Signing Certs are already in place on the Policy Server
- You have a vanity URL for Zoom.
- Set up the partnership
- Configure Zoom
- Import the Zoom entity and complete the partnership
Task 1 – Setting up the Partnership
- Log in to your SiteMinder Admin UI and Navigate to the Federation Entities section.
- If you do not currently have an IDP Entity created, we need to create one. Create a local IDP Entity and fill out your base URL and Name ID Format information. The base URL is whatever URL your federation agent is listening on and if you are unsure what Name ID format to use, just accept the default unspecified.
- Now that we have an IDP Entity, click on the entity and export the metadata.
- Name the partnership and complete the export.
- Open the XML file in a text editor. You will need some of the information to configure Zoom.
Task 2 – Setting up the Partnership
Once you have your IDP metadata exported and the XML open. You need to open a browser to the following address and log in to your company’s Zoom account. https://zoom.us/account/sso.
- Click Enable Single Sign-On
- Using the IDP metadata that you exported, fill in the following fields requested by Zoom.
- Sign-in page URL
- Identity provider certificate
- Issuer (IDP Entity ID)
- Save the configurations.
- Open a browser to the following site. Amend it to reflect your vanity URL. https://yourcompany.zoom.us/saml/metadata/sp
It will automatically download the SP metadata.
Task 3 – Importing the Zoom entity and completing the partnership.
Now that we have the SP metadata, we can import it into SiteMinder and complete the partnership.
- Import the remote SP entity in the SiteMinder Admin UI.
- Open the incomplete Zoom partnership and add the new entity.
- On the Assertion Configuration Step, set the Format to email address and the Value to mail.
- In the SSO and SLO screen, ensure that the Authentication URL you use matches the one you entered in the Zoom configurations.
- Complete and Activate the Partnership.
- Test your SSO using the IDP initiated login.
That completes the setup for the partnership between SiteMinder and Zoom. Zoom makes the process very simple with their very minimalist configurations. Zoom defaults to using the email address as the user’s disambiguation value. You can configure other attributes to be mapped in the Zoom configurations as well, but are not necessary to the setup of the partnership.
Looking for additional help with federating Zoom? ISX is an elite IAM security firm that offers boundless expertise in a range of cybersecurity and business process services, including Symantec SiteMinder. Take your interoperability to the next level, and contact an ISX consultant today.