1. On the Review Setup tab:
    1. On the Signing Certificate line, click Download to download the signing certificate.
    2. On the SAML Metadata line, click Download to download the metadata file.
  2. In a separate tab, sign on to the Zoom admin console and go to the Single Sign-On tab.
  3. In Zoom, set the Sign-in Page URL value:
    1. Open the metadata file in a text editor.
    2. Copy the SingleSignOnService Location value.
      https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=<idpid value>
    3. In the ZOom admin console, paste the Location value into the Sign-in Page URL field.
  4. Optional: In the Sign-Out page URL field, enter https://sso.connect.pingidentity.com/sso/SLO.saml2
    Tip:

    An SLO URL improves security by ending a user session in Zoom when the user's SSO session ends.

  5. In the Service Provider (SP) Entity ID list, select the non-HTTPS option.
  6. In the Enter Issuer field, paste the entityID value from the metadata file.
  7. Enter the Identity provider certificate value:
    1. Open the signing certificate file in a text editor.
    2. Copy the contents of the signing certificate file, excluding the BEGIN CERTIFICATE and END CERTIFICATE lines.
    3. In the Zoom admin console, paste the certificate contents into the Identity provider certificate field.
  8. On the Binding line, click either HTTP-POST or HTTP-Redirect.
    Tip:

    HTTP-POST is the more secure option, because it doesn't expose the SAML token as a query parameter in the URL.

  9. On the Signature Hash Algorithm line, click SHA-256.
  10. On the Security line, select the check boxes of the security policies to implement.
    Tip:

    Improve your security by selecting Sign SAML request and Save SAML response logs on user sign-in.

  11. Click Save Changes.