Documentation for OAuth Scopes

jeff · December 11, 2018, 12:15am

Hi folks, I cannot find any documentation for the OAuth scopes that you support. Specifically, I am looking for

an explanation of what scopes like meeting:write user:read recording:write webinar:write do
discussion of whether it is possible to request different scopes other than all of the above (either a subset thereof, or others not listed)
explanation of whether these scopes permit the authenticated user to manage their data alone, or that of their whole company (i.e. other users at their domain who are also using Zoom)

This documentation might look like this (but for your API).

TimZoom · December 11, 2018, 11:23pm

On each API we list the scopes in the description section. Does this solve your requirement or do you need a more high-level?

jeff · December 11, 2018, 11:50pm

Thanks for your reply Tim. When you write

On each API we list the scopes in the description section

where can I find this?

For example, if I visit Zoom API, I assume that that API requires the meeting:write scope but I don’t find that discussed anywhere on the page.

michael_p.zoom · December 17, 2018, 8:08pm

Hi @jeff,

We have a new API reference page, please refer here - https://marketplace.zoom.us/docs/api-reference/zoom-api/meetings/meetingcreate

jeff · December 17, 2018, 10:12pm

@michael_p.zoom, thanks for your reply. I see that that page states that POST /users/{userId}/meetings requires the user:write:admin user:write scopes. However that still does not help me answer my questions:

what do those scopes do (what resources do they allow access to)? I wish to know this for all scopes because you have multiple; in particular our tokens have the scopes meeting:write user:read recording:write webinar:write.
is it possible to request different scopes to use POST /users/{userId}/meetings? I suspect the answer is yes, because our access tokens do not have the scopes given here—rather they have the scopes meeting:write user:read recording:write webinar:write—and we are still able to use that API.
do any of the scopes above permit the authenticated user to manage their data alone, or that of their whole company (i.e. other users at their domain who are also using Zoom)
if any of the scopes above permit the authenticated user to manage the whole company’s data, are there equivalent scopes (for purposes of using POST /users/{userId}/meetings and PATCH /meetings/{meetingId}) that only allow the user to manage their individual data?

I would be much obliged if you would answer those questions directly, without reference to further documentation pages, unless those pages definitely have answers to those questions. Thanks.

TimZoom · January 2, 2019, 4:32pm

Hey Jeff,

I have been out on vacation sorry for the late response.

So, our scopes have two “types” there are user level scopes and account level scopes. User-level scopes are the ones you are mentioning above. Account level scopes however will have :admin appended to the scope. These are the scopes that allow data manipulation for other accounts. So, in your case these scopes will only be able to manipulate the data associated with the account.

The rest of the scope “forumla” is pretty straight forward. webinar:write for isntance could create webinars and webinar:read can read webinar info from the account.

jeff · January 2, 2019, 7:19pm

@TimZoom, that answers all my questions. Thanks!

Topic		Replies	Views
OAuth App Confusion API and Webhooks	6	821	November 6, 2020
Missing Scopes "meeting:write:admin" and "user:write:admin: for OAuth Apps API and Webhooks webhooks , api	0	37	April 17, 2024
Update scopes of app - delay? API and Webhooks	5	977	October 17, 2020
OAuth Reports API scope issue API and Webhooks	4	709	August 21, 2020
OAuth server-to-server returning only "scope": "meeting:read:admin" Authentication server-to-server	7	426	June 2, 2023

Documentation for OAuth Scopes

Related Topics