Admins can configure the Azure Active Directory (AAD) contact integration to enable Zoom users to connect to and search AAD users and contacts without syncing, storing them in the Zoom Cloud, or provisioning those contacts with Zoom.

Once configured, Zoom users on the account can search for and view AAD users and contact names on incoming calls, search for a contact stored in AAD by name, partial name, email, or other contact information through a Zoom client search, Zoom Phone dial pad search, and Zoom Powerpack search even if those users are not licensed for Zoom.

This article covers

• How to set up Azure Active Directory
  • Obtain Tenant ID
  • Obtain the Application Client ID
    • Creating a new App (recommended)
    • Using an existing App
  • Obtain the Application Client Secret
  • Setup API permission
• How to configure the Azure Active Directory Contact integration

Prerequisites for configuring the Azure Active Directory contact integration

• Business or Education account with an approved Vanity URL
• Zoom owner or admin privileges
• Azure subscription with global admin privileges
• Contacts configured in Azure Active Directory
• Azure Active Directory contact phone numbers in e.164 format

How to set up the Azure Active Directory

Obtain the Tenant ID

1. Sign in to the Azure portal.
2. Navigate to Azure Active Directory.
3. In the left navigation menu, click Overview if you have not defaulted there.
4. Click the Copy to clipboard button next to the Tenant ID. You will need this later.

Obtain the Application Client ID

Note: While you may use your existing Zoom application for SSO and Provisioning, we recommend creating a new application to use with the Active Directory Contact Integration (recommended). If you choose to use a new app in Microsoft for the Active Directory Contact Integration, we recommend renaming the app accordingly for later ease of reference.

Creating a new App (recommended)

1. Sign in to the Azure portal.
2. Navigate to Azure Active Directory.
3. In the left navigation menu, click Enterprise Applications.
4. Click New application at the top.
5. Search for and select Zoom.
6. Click Create. (You may rename this to something more intuitive for later prior to clicking Create).
   You should be redirected to the Overview page for your new app.
7. Click the Copy to clipboard button next to the Application ID. You will need this later.

Using an existing App

1. Sign in to the Azure portal.
2. Click on Azure Active Directory.
3. In the left navigation menu, click Enterprise Applications.
4. Select your Zoom SSO and Provisioning App (by default, this is named Zoom)
5. Copy the Application ID from the Overview page. You will need this later.

Obtain the Application Client Secret

1. Sign in to the Azure portal.
2. Click on Azure Active Directory.
3. In the left navigation menu, click App registrations.
4. Click the All applications tab then Zoom (or whatever you previously renamed the new app to).
5. In the left navigation menu, click Certificates & secrets.
6. Click New client secret.
   An Add a client secret pop-up window will appear.
7. In the pop-up window, enter a description and set the expiration date.
8. Click Add.
9. Click the Copy to clipboard button next to the Value (not the Secret ID). You will need this later.
   Note: If you navigate away from this page before copying the value, you cannot retrieve it later.

Setup API permission

Before configuring the Azure Active Directory contact integration, you must authorize Zoom to call APIs. To authorize Zoom to call APIs,

1. Sign in to the Azure portal.
2. Select Azure Active Directory.
3. In the left navigation menu, click App registrations.
4. Click the All applications tab then Zoom (or the name you chose with your app).
5. In the left navigation menu, click API permissions.
6. Click Add a permission at the top.
7. Select Microsoft Graph.
8. Select Application permissions.
9. Use the search to find User.Read.All and select it (you may need to expand User for this to be visible).
10. Click Add permission at the bottom.
11. Click Grant admin consent for (the name of your MS tenant).
12. In the Grant admin consent confirmation box, select Yes.

How to configure the Azure Active Directory Contact integration in Zoom

The Enable Microsoft Tenant Integration setting allows you to configure the Azure Active Directory contact integration. This setting is disabled by default.

To enable this setting: 

1. Sign in to the Zoom web portal.
2. In the navigation menu, click Account Management then Account Profile.
3. Click the Account Profile tab.
4. Under Microsoft Integrations section, click the Enable Microsoft Tenant Integration toggle to enable it.
5. Completed the following fields:
   • Tenant ID
   • Application Client ID
   • Application Client Secret
6. Click Save.
   Once configured, the following additional options will be available: 
   • (Optional) Click the Enable AAD Search in Zoom toggle to allow Zoom users to search for users, contacts, and resources in the connected Microsoft AAD tenant.
   • (Optional) Select the Allow users to store starred AAD Contacts local on device checkbox.
   • (Optional) Click the Allow Microsoft Teams users to see the presence of Zoom users toggle to to allow Teams users to see user's Zoom presence status.
     Note: This option must be enabled by Zoom.