I know that it is possible for OAuth Apps to configure some Collaborators within your organization. Both of them see the created Application under Created Apps tab. When an admin creates his own Server-to-Server or Webhook App you can not setup some collaborators for it. This App is only under the use of the Application Owner. When some co-workers wants to use this App, or have to check the API Call Logs for the Server-to-Server or Webhook App it is not possible for them.
Also the problem is, that an App has the same scopes and permissions like the admin who created the App. When the admin changes his team and becomes a new role in zoom with lower permissions, the same happes with the App and some scopes will fall out of the App.
It should be possible to bind Apps to a team or group of people. That the app is also still working when somebody leaves the company and his account with admin permissions will be deactivated.
How To Reproduce
Steps to reproduce the behavior including:
1. Create a Server-to-Server App
2. Try to find or manage this App from a different User with admin priviledges.
3. Shrink admin priviledges of the user who created the App.
Thank you so much for reaching out to the Zoom Developer Forum, I am happy to help here!
Unfortunately, there is no way to add Collaborators to the Server to Server Oauth app nor to the Webhook-only app.
Since the Server to Server is tied to the user and the scopes available for each user are related to the permissions they might have, it is not possible to add collaborators to it.
I will make sure to bring this feedback to the team to see if they have any input for you!
Hi @elisa.zoom, Yes please bring this feedback to the team. I guess this could be very important. We live in a dynamic and rotating work society. It can happen very fast, that the developer who creates a lot of apps leaves the company and his account will be depracted.
I will do! The other thing I forgot to mention is that for Server-to-Server OAuth apps, you can actually transfer the app owner in case someone leaves the company; you just have to make sure that the person who is receiving the app has the appropriate permission.
Have an amazing day ahead!
HI @elisa.zoom I´m aware of the funcionallity of transferring apps to another app owner. But what will happen with the app when a user is disabled/deleted in the zoom tenant and the app is not transferred?
- Is the app still working with limited permissions,
- deactivated and not working
- or still working with the settings and permissions as created
Sorry for the late reply!
If the app is not transferred then when a user is disabled or deleted, the app won’t work anymore because the app is tied to the user who created it.
Hope this helps,
Thanks @elisa.zoom for that information. But I think that underlines the need to bind apps to groups or roles and not only to individuals.
But for all I know zoom, that will be implemented very quickly (hopefully)
Thanks for your understanding @dennis.raulien
I will update you if I hear anything related to this issue