Hi there. I am leading development of the Zoom integration at my company. We are building an application intended for higher education use only, in which advisors will connect their account to Zoom in order for students to be able to schedule Zoom-based meetings with the advisor. We have been beta testing our application for about two months now using a User-Level OAuth application, with about 10 of our customers. They love it so far.
We have started the final review process with Zoom and this feedback was given to us by the functional review team:
Education Apps - Account Level recommendation
Since your app is intended for Education use, we highly recommend you change your application type to Account-level. This way, school admins can determine which apps to enable on their accounts. Please read this documentation for more information on our Marketplace Principles: Zoom App Marketplace App Review Guidelines and Principles And this document on the differences between User-Managed and Account-level apps: Key concepts for Zoom Developer Platform
We are having a tough time deciding between the two types. We have some questions which will help us make a decision:
Can an OAuth app be changed from User-Level to Account-Level? If yes, would this disrupt our beta testers? It seems like we will probably need to create a new app and start a new beta test if we wanted to go with Account-Level; is that right?
Does Zoom require that we use Account-Level for our higher education app, or is it ok if we choose to keep using User-Level?
We have concerns that not all of our customers may have Zoom Pro plans. Some schools do not pay for Zoom and instead rely on faculty to use personal Zoom accounts. If we switch to Account-Level, would this prevent these users from using our Zoom integration? Is there any free option for them to use an Account-Level app?
When a student schedules with an advisor, we want to make a Zoom meeting that includes that advisor’s Zoom email as the host. Many of our users have a different email on our system than on Zoom. With a User-Level app, we do not need to worry about this, because the OAuth flow creates a perfect link between our account and the Zoom account; in fact this is the primary reason we chose to use User-Level in the beginning.
When using Account-Level, is there any best practice for linking our individual advisors to Zoom so that we know which email to use?
If we continue using a User-Level app, are there any additional security or privacy rules that we must follow if the advisor were to link their personal Zoom account rather than a school-managed Zoom account?
Thank you so much for your time answering all these questions!