SSO Pre-provisioning

Zoom uses Just-In-Time (JIT) provisioning with Single Sign-On by default. This means that when a user tries to log in, a Zoom account will be created for them based on your SAML mapping. However, if you do not want Zoom accounts to be automatically created when a user attempts to sign in, you can use pre-provisioning instead and create users via REST API or CSV.

Note: Newly created users that do not match an approved associated domain on your account will be sent an email to verify their email address.

This article covers:

Prerequisites for SSO pre-provisioning

How to enable pre-provisioning for your account

  1. Login to your Zoom account and navigate to the Single Sign-On page.
  2. Click Edit
  3. Next to Provision User, choose Prior to Sign-In.
  4. Click Save Changes.

How to add users via REST API

When pre-provisioning is enabled for your account, the ssoCreate API call will also be enabled for your account. Users created with this API call will only be able to login via SSO. No password will be created.

If the user is a Licensed user, the API call will generate a Personal Vanity URL using the user name (no domain) of the provisioning email. If user name or PMI is invalid or occupied, it will generate a random number/random personal vanity URL.

Learn how to add users via REST API

How to add users via CSV

  1. Sign in to the Zoom web portal.
  2. In the navigation panel, click User Management then Users.
  3. Click the Users tab.
  4. On the right side of the page, click Import.
  5. Click Download CSV Sample to download a sample you can fill out.
    Note: You can also directly download the CSV sample.
  6. Open the file using spreadsheet software like Microsoft Excel.
  7. Enter users' information following the CSV format. Each piece of information is a separate column. 
    Note: The first three columns are required. Information in the other columns can be changed after importing users. 
  8. Save the spreadsheet as a CSV (comma-delimited) file.
  9. Designate Basic, Licensed, or On-Prem as the license type. Select any features you would like to apply. This pertains to all users included in the CSV file.
    Note: If your account utilizes the Meeting Connector, but on-prem is not available under User Type, then you will need to assign those users as Licensed users, and assign them to a group that has on-prem enabled.
  10. Check SSO User.
  11. Click Upload CSV file to find your .csv file.
  12. Click on your .csv file, then choose Open.
  13. The users will be automatically approved and appear in your users list.