Configuring Shibboleth for Zoom

Les LaCroix llacroix at
Sat Aug 22 21:56:32 UTC 2020


We have Shibb configured with the usual SAML persistent NameID, and Zoom
configured to pay attention to eduPersonUniqueID as the user identifier,
mail for email address etc.  The config has been in place since last spring
term, and we haven't had any issues with logins or invitations.



*Les LaCroix '79*

Strategic Technologist

Information Technology Services

t: (507) 222-5455

On Fri, Aug 21, 2020 at 9:42 PM Lohr, Donald A - lohrda <lohrda at>

> Referring to this URL:
> states the following:
> First, configure your IdP to send us the following
>    - Any unique identifier linked to nameID such as eduPersonTargetedID,
>    persistentID, or mail
>    - (Optional) Accepted attributes are email (urn:oid:0.9.2342.19200300.
>    100.1.3), sn (urn:oid:, and givenName (urn:oid:
> Our plan would be to configure Shibboleth to set the nameID for Zoom to
> not be a user's email address. We want to use a better unique & never
> changing attribute, the user's eduPersonUniqueId attribute value. We will
> also send Zoom a user's mail, givenname and sn attribute values.
> Is anyone's Shibboleth configuration for Zoom using something other than
> email as the nameID value?  If so have you encountered any issues with
> nameID not set as a users email value? Especially with SSO login, the
> emailing of or accepting invitations or using the Canvas LTI Pro component.
> --
> D o n a l d   L o h r
> I n f o r m a t i o n   S y s t e m s
> J a m e s   M a d i s o n   U n i v e r s i t y
> 5 4 0 . 5 6 8 . 3 7 3 0
> --
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list