Zuora OneID Office Hours: Legacy Login Deprecation - April 2024

By Lana Lee posted 04-04-2024 09:26


As part of our ongoing support of our upcoming legacy login deprecation, we are holding monthly OneID office hours with Principal Product Manager, @Bharath Marimuthu who was on-hand to answer questions after a brief discussion on the 2-step OneID migration process.


Office Hour Questions

  1. What is the date this will be the required log in process for the Sandbox and Production accounts?

  2. How will it sync to one username and password?

  3. What is the impact on the integration user?

  4. An org might have shadow resources for a project who use credentials of client facing resources for sandboxes only. After OneID, the client facing resources shall log in to OneID and then all instances (Sandbox and Prod) will be available to access. How do we manage this situation?

  5. What if we are currently using Okta integration for our users to login to Zuora?

  6. In the future, will New OAuth be allowed for any testing purposes?

  7. Can you confirm if OneID adheres to industry-specific regulatory compliance standards? Additionally, for auditing purposes, customers need to access certain information. Could you guide me on how to generate a report from OneID that includes the following details:

    • Identification of each new user account created within a specified timeframe.

    • The administrator or user responsible for creating each new user account.

    • Details on the creation of new roles within the system, including the creator of these roles.

    • Information about which administrators assigned users to specific roles.

    • A comprehensive list showing which roles have been assigned to each user.

    • Timestamps for each of the activities mentioned in points 1-5, indicating when each action was performed.

We need these details to meet specific auditor requirements. If it's not possible for you to provide the report directly, could you please instruct me on the process to generate such a report within the OneID?

  1. What are best practices for OneID and shadow resources?

  2. Are there any enhancements to reporting capabilities out of this One-ID platform? We are currently on the Unified Authentication method, which allows Export User Listing. However, there does not exist a column that displays the users’ login method (ID/PW, SSO,etc.).

  3. Is this migration mandatory and when is the latest date by which this should happen?


Other topics discussed


Additional OneID References:


Stay Up-To-Date with Zuora Releases and Maintenance

Check out the Community’s News and Notifications groups to receive emails about Zuora Maintenance and Release Notifications including deployment schedules, the release window, and issues fixed.  Follow these steps to sign up and select the frequency you’d like to receive emails - real-time, daily digest, no emails.



04-18-2024 11:23

@Raywin Knewstubb

You can create the Organisation level OAuth clients from the OneID settings page. Please refer here for more details. But at the moment these OAuth clients are limited to call only the user management APIs. 
This is not yet supported to call Billing and Revenue APIs, and this will be supported soon.

04-10-2024 04:50

When Bharath Marimuthu talks about having a global level oauth and not attaching it to a user level, how is that done?  Where in Zuora or Zuora OneID are these global oauth's meant to be created?  Can all oauth's be created in this new way or only specific types?