This article outlines the information and steps you need to take in order to configure Zoom to use the LogonBox SAML Identity Provider. Once configured your users will be redirected to your LogonBox Server to authenticate.
Note: You will need a vanity URL configured before access to the single sign-on settings become available. Once this URL has been approved by Zoom you should continue with the rest of this article.
Step 1 - Create the Resource from the Template
Log into your server as admin and navigate to Resources->Identity Services->SAML. Click Search Templates and select the Zoom SAML template and click Next.
You will be asked for:
- Entity Id
- Vanity URL
The Entity Id uniquely identifies your connection with Zoom e.g. zoom.logonbox.com.
The Vanity URL is your unique organization URL for Zoom, once approved by Zoom enter the URL without any protocol details e.g. company.zoom.us.
At this point you can close the templates window so that you can return to the SAML list of resources where your Zoom SAML resource should now be present.
Edit the resource and in the Assignment tab, add users, groups or roles who will have permission to use this resource.
You can add the Everyone role to add all users.
Step 2 - Download SAML metadata
You will need a couple of things from your server in order to configure GoToMeeting.
First you will need to download the SAML metadata.
In the table of SAML resources locate the Zoom SAML resource, and click the options icon to activate the dropdown. Select Download Metadata; this is an XML file that contains information about the Identity Provider and its access points.
Open the XML file containing the metadata and locate the logon service URL and redirect URL. These are located towards the end of the document and will look like
Copy the entire URL, we will need these in the next step.
Next, navigate to Certificates and locate the SAML RSA certificate. Again using the options icon to activate the dropdown, select Download Certificate.
Step 3 - Configuring Zoom
Navigate to the single sign on settings page and Enable SSO.
From the zoom single sign on page configure the following:
- Sign-in page URL - this is the login URL identified in previous step, 'https://demo.logonbox.com/app/api/sso/logon/123456'
- Sign-out page URL - this is the logout URL identified in the previous step, 'https://demo.logonbox.com/app/api/sso/logout/123456'
- Identity provider certificate - you will need to paste the certificate file downloaded in the previous step without the BEGIN and END CERTIFICATE lines
- Issuer - this is the Entity Id you defined in step 1
- Binding - select HTTP-Redirect
- Default user type - select Basic or Pro
Step 4 - Final Checks
Log out of Zoom and then access LogonBox as a user with the rights to use the new resource. In My Resources->Browser Resources click the launch icon to access Zoom. You can also access this resource by navigating to your Zoom vanity URL.
The email address on the user account in LogonBox must match that of a user within Zoom.