Configuring Shibboleth for Zoom
Richard Frovarp
richard.frovarp at ndsu.edu
Mon Aug 24 19:06:52 UTC 2020
Yeah, that's how we have it setup. Nothing special. Just releasing R&S to them.
On Mon, 2020-08-24 at 15:05 -0400, Donald Lohr wrote:
Thanks, this has been very helpful.
Does anyone have a functioning Shibboleth IdP configuration via InCommon?
The reason I ask, is that another school told us:
Zoom is an InCommon member and we first attempted to configure with InCommon. However, we had some challenges with the way they signed assertions and logout. So, we decided we should do a manual configuration of SSO instead.
But I believe they've been a Zoom customer for a few years.
Thanks,
Don
On 8/21/20 10:41 PM, Lohr, Donald A - lohrda wrote:
Referring to this URL:
https://support.zoom.us/hc/en-us/articles/201363003-Getting-started-with-SSO<https://urldefense.proofpoint.com/v2/url?u=https-3A__support.zoom.us_hc_en-2Dus_articles_201363003-2DGetting-2Dstarted-2Dwith-2DSSO&d=DwMGaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=fLnm-WN9U4d94T42-8yB77D1UNg2gyNoFMXbDF8Oh9w&s=apt4aG3d0K1Wv8QERvPkmi6ynRplZudGFD6sPI3ZN8c&e=>
...it states the following:
First, configure your IdP to send us the following
* Any unique identifier linked to nameID such as eduPersonTargetedID, persistentID, or mail
* (Optional) Accepted attributes are email (urn:oid:0.9.2342.19200300. 100.1.3), sn (urn:oid:2.5.4.4), and givenName (urn:oid:2.5.4.42).
Our plan would be to configure Shibboleth to set the nameID for Zoom to not be a user's email address. We want to use a better unique & never changing attribute, the user's eduPersonUniqueId attribute value. We will also send Zoom a user's mail, givenname and sn attribute values.
Is anyone's Shibboleth configuration for Zoom using something other than email as the nameID value? If so have you encountered any issues with nameID not set as a users email value? Especially with SSO login, the emailing of or accepting invitations or using the Canvas LTI Pro component.
--
D o n a l d L o h r
I n f o r m a t i o n S y s t e m s
J a m e s M a d i s o n U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0
--
D o n a l d L o h r
I n f o r m a t i o n S y s t e m s
J a m e s M a d i s o n U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200824/df5fc879/attachment.htm>
More information about the users
mailing list