Configuring Shibboleth for Zoom
ostermmg at whitman.edu
Sat Aug 22 02:50:13 UTC 2020
We didn't use Shib for it, but rather the SAML IdP in CAS, but we have been
sending eduPersonTargetedID and it's working just fine.
I literally just set up LTI Pro for Canvas last night, and only in our test
Canvas instance, but the SSO seemed to work just fine.
On the LTI Pro front: one piece of advice is to join the EDU-ZOOM listserv
as there's a fair amount of discussion around LTI Pro and configuring it in
an SSO environment.
On Fri, Aug 21, 2020 at 7:42 PM Lohr, Donald A - lohrda <lohrda at jmu.edu>
> Referring to this URL:
> ...it states the following:
> First, configure your IdP to send us the following
> - Any unique identifier linked to nameID such as eduPersonTargetedID,
> persistentID, or mail
> - (Optional) Accepted attributes are email (urn:oid:0.9.2342.19200300.
> 100.1.3), sn (urn:oid:126.96.36.199), and givenName (urn:oid:188.8.131.52).
> Our plan would be to configure Shibboleth to set the nameID for Zoom to
> not be a user's email address. We want to use a better unique & never
> changing attribute, the user's eduPersonUniqueId attribute value. We will
> also send Zoom a user's mail, givenname and sn attribute values.
> Is anyone's Shibboleth configuration for Zoom using something other than
> email as the nameID value? If so have you encountered any issues with
> nameID not set as a users email value? Especially with SSO login, the
> emailing of or accepting invitations or using the Canvas LTI Pro component.
> D o n a l d L o h r
> I n f o r m a t i o n S y s t e m s
> J a m e s M a d i s o n U n i v e r s i t y
> 5 4 0 . 5 6 8 . 3 7 3 0
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users