Account Level OAUTH app restricted to subset of users or groups or sub-accounts or other means

Scenario
OAuth Account level app restricted to a subset of users or groups or sub-account, where SSO continues to function for the entire set of users and administrator can control access to the integration.

• Domain has about ~1000 users. i.e. example.com
• Subset users that should be able to create zoom meeting/trainings/webinars should be ~70 users.
  i.e. user1@example.com to user70@example.com remaining users are view only.
• Integration type - Account level - OAUTH custom app. where the Client ID, Client Secret & Return URL are used to integrate with LMS.
  Scopes : Webinar read, write; users read, write; role read,write;

Queries

• Can the OAUTH account level app be restricted to group of users by groups, sub-account, other means.
• Can the same SSO function for both the master & sub-accounts.
• Can SSO user create happen without an email address.

Thanks

Hey @ravikumar.boddu,

This would need to be implemented on your end - restricting which users can use an account level app.

Or you could create a User Level OAuth app and restrict who has access to install it.

Thanks,
Tommy

I have same inquiries, I’d like to create sub account so restrict my oauth app api access info to a sub group of users, but i’d like to reuse the same sso integration and join url, but my account admin tell me i can’t reuse the sso for the sub account?

Hey @rick.li,

Here is the account paradigm:

You can restrict apps to sub accounts via the Marketplace Permissions.

As for SSO, please reach out to support.zoom.us.

Thanks,
Tommy