Integrating Trusona and Zoom

This guide details the steps required to configure Trusona as a passwordless authentication solution for Zoom.

By Trusona Engineering
Updated Jan 8, 2020

• 1. Getting Started
  • 1.1. Prerequisites
  • 1.2. Step 1: Email Trusona
  • 1.3. Step 2: Navigate to Single Sign-On
  • 1.4. Step 3: Configure SAML
  • 1.5. Step 4: Configure SAML response mapping
  • 1.6. Step 5: Testing the integration
  • 1.7. Customizing your Trusona experience
  • 1.8. Provide images
  • 1.9. Provide hex values
    • 1.9.1. Configuring Vanity URL

1. Getting Started

1.1. Prerequisites

In order to integrate Trusona with Zoom, you’ll need the following:

1. Zoom Business or Enterprise account
2. Approved Zoom vanity URL

1.2. Step 1: Email Trusona

Send an email to support@trusona.com with the following information:

Subject: Zoom Integration

1. Company name
2. Zoom Vanity URL
3. Optional - Trusona vanity url (url seen while on the Trusona gateway)
   1. Example: https://zoom.yourcompany.com/sessions/new. See the section on configuring vanity URL for more information.

Trusona will send you the following via email:

1. IdP Signature Certificate
2. Sign-in page URL
3. Issuer (IdP Entity ID)

1.3. Step 2: Navigate to Single Sign-On

1. Navigate to the Zoom Admin area
2. In the side-bar navigation choose Advanced > Single Sign-On

1.4. Step 3: Configure SAML

1. Enter the identity provider certificate sent by Trusona
2. Enter the Issuer (IdP Entity IDP) send by Trusona
3. Choose “SHA-256” for “Signature Hash Algorithm”
4. Select “Prior to sign in” from the “Provision User” select list
5. Save your changes

Note: If you leave the default setting for 'Provision User' as 'At Sign-in' it's possible that new users may be unintentionally created in your Zoom account.

1.5. Step 4: Configure SAML response mapping

1. Select the “SAML Response Mapping” tab
2. For “Email address,” choose “Map to SAML Attribute”
3. Enter email for the field name
4. Save your changes

1.6. Step 5: Testing the integration

1. Open a new private browsing window
2. Navigate to your Zoom vanity URL
3. Click the “Sign in” button
4. Complete the login process in the Trusona App

1.7. Customizing your Trusona experience

The Trusona Gateway (pictured below) includes default styling that will be familiar to your users using the Trusona App.

Optionally, it’s possible to provide a custom branded experience for your users including things like:

• A custom vanity URL
• Custom secure QR code colors
• Your company logo and colors

In order for Trusona to create your custom gateway you need to provide to Trusona hex values and images for the following:

1.8. Provide images

• Hero image: 1440 x 1800 px
• Logo image: 500 x 500 px

1.9. Provide hex values

• Animated dot color: this is the color dots that animate
• List of QR colors: multiples of the same color will appear more (provide 2 hex values)
• Link color:
• Text color:
• Background color: affects background behind the QR, usually we just do pure white (#FFFFFF)

1.9.1. Configuring Vanity URL

Add a new CNAME DNS record for your domain.

1. Set the “host” value to the URL you’d like users to see when logging in
2. Set the “Answer” value to ssl.trusona.net
3. Set the TTL to 300

Here’s an example of a CNAME answer when retrieved by dig tada.trusona.com.

tada.trusona.com. 3600 IN CNAME ssl.trusona.net.

---