Description
I know that it is possible for OAuth Apps to configure some Collaborators within your organization. Both of them see the created Application under Created Apps tab. When an admin creates his own Server-to-Server or Webhook App you can not setup some collaborators for it. This App is only under the use of the Application Owner. When some co-workers wants to use this App, or have to check the API Call Logs for the Server-to-Server or Webhook App it is not possible for them.
Also the problem is, that an App has the same scopes and permissions like the admin who created the App. When the admin changes his team and becomes a new role in zoom with lower permissions, the same happes with the App and some scopes will fall out of the App.
It should be possible to bind Apps to a team or group of people. That the app is also still working when somebody leaves the company and his account with admin permissions will be deactivated.
How To Reproduce Steps to reproduce the behavior including: 1. Create a Server-to-Server App 2. Try to find or manage this App from a different User with admin priviledges. 3. Shrink admin priviledges of the user who created the App.
Hi @dennis.raulien
Thank you so much for reaching out to the Zoom Developer Forum, I am happy to help here!
Unfortunately, there is no way to add Collaborators to the Server to Server Oauth app nor to the Webhook-only app.
Since the Server to Server is tied to the user and the scopes available for each user are related to the permissions they might have, it is not possible to add collaborators to it.
I will make sure to bring this feedback to the team to see if they have any input for you!
Best,
Elisa
Hi @elisa.zoom, Yes please bring this feedback to the team. I guess this could be very important. We live in a dynamic and rotating work society. It can happen very fast, that the developer who creates a lot of apps leaves the company and his account will be depracted.
Hi @dennis.raulien
I will do! The other thing I forgot to mention is that for Server-to-Server OAuth apps, you can actually transfer the app owner in case someone leaves the company; you just have to make sure that the person who is receiving the app has the appropriate permission.
HI @elisa.zoom I´m aware of the funcionallity of transferring apps to another app owner. But what will happen with the app when a user is disabled/deleted in the zoom tenant and the app is not transferred?
Is the app still working with limited permissions,
deactivated and not working
or still working with the settings and permissions as created
If the app is not transferred then when a user is disabled or deleted, the app won’t work anymore because the app is tied to the user who created it.
Hope this helps,
Elisa
Thanks @elisa.zoom for that information. But I think that underlines the need to bind apps to groups or roles and not only to individuals.
But for all I know zoom, that will be implemented very quickly (hopefully)
Greetz,
Dennis
Hello Elisa,
can you please guide me on how to transfer the server to server Oauth app to someone else as i dont see any option to transfer the app owner.
Hi @hemant.sarode.ext
Thanks for reaching out to the Zoom Developer Forum, I am happy to help here!
Unfortunately, there is no way to transfer a Server to Server OAuth app.
The only workaround here is having the new “app owner” to recreate the app on their account
you can only transfer userbased OAuth Apps and no Server-to-server apps. But when somebody leaves the company and you delete his account he created Server-to-server Apps, than you can assign a new App Owner. But in the meanwhile, the App will not work, because it will run under the rights the app owner had.
Thanks for chiming in @dennis.raulien
and @hemant.sarode.ext that was my bad, you can not change ownership of a Server to server app. Sorry about that, it is only for Oauth apps
(hopefully)
