Account Level OAUTH app restricted to subset of users or groups or sub-accounts or other means

OAuth Account level app restricted to a subset of users or groups or sub-account, where SSO continues to function for the entire set of users and administrator can control access to the integration.

  • Domain has about ~1000 users. i.e.
  • Subset users that should be able to create zoom meeting/trainings/webinars should be ~70 users.
    i.e. to remaining users are view only.
  • Integration type - Account level - OAUTH custom app. where the Client ID, Client Secret & Return URL are used to integrate with LMS.
    Scopes : Webinar read, write; users read, write; role read,write;


  • Can the OAUTH account level app be restricted to group of users by groups, sub-account, other means.
  • Can the same SSO function for both the master & sub-accounts.
  • Can SSO user create happen without an email address.


Hey @ravikumar.boddu,

This would need to be implemented on your end - restricting which users can use an account level app.

Or you could create a User Level OAuth app and restrict who has access to install it.


I have same inquiries, I’d like to create sub account so restrict my oauth app api access info to a sub group of users, but i’d like to reuse the same sso integration and join url, but my account admin tell me i can’t reuse the sso for the sub account?


Here is the account paradigm:

You can restrict apps to sub accounts via the Marketplace Permissions.

As for SSO, please reach out to