Zoom_IAM
This Integration is part of the Zoom Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
An Identity and Access Management integration template. This integration was integrated and tested with version 2.0.0 of Zoom_IAM.
Configure Zoom_IAM in Cortex#
| Parameter | Description | Required |
|---|---|---|
| Account ID (OAuth) | False | |
| Client ID (OAuth) | False | |
| Client Secret (OAuth) | False | |
| API Key (JWT-Deprecated) | This authentication method is deprecated. | False |
| API Secret (JWT-Deprecated) | This authentication method is deprecated. | False |
| Use system proxy settings | False | |
| Trust any certificate (not secure) | False | |
| Allow disabling users | False | |
| Allow enabling users | False | |
| Incoming Mapper | True | |
| Outgoing Mapper | True |
Commands#
You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
iam-disable-user#
Disable an active user.
Base Command#
iam-disable-user
Input#
| Argument Name | Description | Required |
|---|---|---|
| user-profile | A User Profile indicator. For example: {"email": "john.doe@example.com"}. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
| IAM.Vendor.brand | String | Name of the integration. |
| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
| IAM.Vendor.email | String | The employee's email address. |
| IAM.Vendor.errorCode | Number | HTTP error response code. |
| IAM.Vendor.errorMessage | String | Reason why the API failed. |
| IAM.Vendor.id | String | The employee's user ID in the app. |
| IAM.Vendor.instanceName | string | Name of the integration instance. |
| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
| IAM.Vendor.username | String | The employee's username in the app. |
Command example#
``!iam-disable-user user-profile={"email": "example@example.com", "givenname": "Example"}````
Context Example#
Human Readable Output#
Disable User Results (Zoom_IAM)#
brand instanceName success active id details Zoom_IAM Zoom_IAM_instance_1 JWT true false 6mIygOyeTT61Wzw_PAo5jw example@example.com email: example@example.com
givenname: Example
iam-enable-user#
Enable a deactivated user.
Base Command#
iam-enable-user
Input#
| Argument Name | Description | Required |
|---|---|---|
| user-profile | A User Profile indicator. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
| IAM.Vendor.brand | String | Name of the integration. |
| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
| IAM.Vendor.email | String | The employee's email address. |
| IAM.Vendor.errorCode | Number | HTTP error response code. |
| IAM.Vendor.errorMessage | String | Reason why the API failed. |
| IAM.Vendor.id | String | The employee's user ID in the app. |
| IAM.Vendor.instanceName | string | Name of the integration instance. |
| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
| IAM.Vendor.username | String | The employee's username in the app. |
Command example#
``!iam-enable-user user-profile={"email": "example@example.com", "givenname": "Example"}````
Context Example#
Human Readable Output#
Enable User Results (Zoom_IAM)#
brand instanceName success active id details Zoom_IAM Zoom_IAM_instance_2 OAuth true true 6mIygOyeTT61Wzw_PAo5jw example@example.com email: example@example.com
givenname: Example
iam-get-user#
Retrieves a single user resource.
Base Command#
iam-get-user
Input#
| Argument Name | Description | Required |
|---|---|---|
| user-profile | A User Profile indicator. | Required |
Context Output#
There is no context output for this command.
Command example#
``!iam-get-user user-profile={"email": "example@example.com", "givenname": "Example"}````
Context Example#
Human Readable Output#
Get User Results (Zoom_IAM)#
brand instanceName success active id details Zoom_IAM Zoom_IAM_instance_1 JWT true true 6mIygOyeTT61Wzw_PAo5jw example@example.com id: 6mIygOyeTT61Wzw_PAo5jw
first_name: Example
last_name: Example
email: example@example.com
type: 1
role_name: Member
pmi: 3269259758
use_pmi: false
personal_meeting_url: https://us06web.zoom.us/j/3269259758?pwd=Q2VTN1JsM2J2OCtmS1hWaHBTUmV6QT09
timezone: Asia/Jerusalem
verified: 0
dept:
created_at: 2020-06-16T06:57:23Z
last_login_time: 2022-08-24T07:25:49Z
last_client_version: 5.8.7.2058(win)
pic_url: https://lh3.googleusercontent.com/a/AItbvmn0GJLCTIkOIatpkUy-PuEf-tFQEnBVOUxcT2oB=s96-c
cms_user_id:
jid: 6miygoyett61wzw_pao5jw@xmpp.zoom.us
group_ids:
im_group_ids:
account_id: aeKD2BFJRASt1QVURWo9CA
language: en-US
phone_country:
phone_number:
status: active
job_title:
location:
login_types: 1
role_id: 2
account_number: 1114287
cluster: us06
user_created_at: 2020-06-16T06:57:23Z
get-mapping-fields#
Retrieves a User Profile schema, which holds all of the user fields within the application. Used for outgoing-mapping through the Get Schema option.
Base Command#
get-mapping-fields
Input#
There are no input arguments for this command.
Context Output#
There is no context output for this command.
Incident Mirroring#
You can enable incident mirroring between Cortex XSOAR incidents and Zoom_IAM corresponding events (available from Cortex XSOAR version 6.0.0). To set up the mirroring: Enable Fetching incidents in your instance configuration.
Newly fetched incidents will be mirrored in the chosen direction. However, this selection does not affect existing incidents. Important Note: To ensure the mirroring works as expected, mappers are required, both for incoming and outgoing, to map the expected fields in Cortex XSOAR and Zoom_IAM.