My team has built an integration using the v2 REST API from our training application that allows Administrators in our application to automatically set up zoom meetings corresponding to the training they schedule.
In building this, we have found the authentication mechanism for our customers to be very confusing, to the point that I believe it will reduce adoption levels. Issues follow:
In order to generate a key and secret, we must have each customer create a developer account. These are non-technical users who will be scared-off by reading this and will not attempt the integration.
In order to create the key/secret pair, you must create an “App” which indicates this pair is associated directly with a specific app. This is not true, as the pair relates only to the user, not the app.
Related to the previous point, a user can only have 1 key/secret pair, even though they name an app. The UI implies that you can only have 1 app integrated for a given user. In reality, the app part is irrelevant, and the keys are user specific.
I would highly recommend removing the App portion of the UI, as it serves no purpose. Beyond that, I would request moving the key pair into the account somewhere. There is an API key and secret pair under meeting settings which will not work with this API. That is the natural place for a user to look for this. If they are not a developer, they will not want to go into the developer section of the app.