Authorize App for Simple and Specific Needs

Dear all,

I need some help, a general guidance for what I need to do.
Prior to asking this question, I’ve, of course, read the documentation though I got confused since it seems that the docs were written bigger apps (and much more complex needs) in mind.

Ok, here’s what I need to do:

  • Create a custom registration form for the participants of our upcoming meetings.
  • Handling all e-mail communication with participants by myself, that is my backend will be sending the confirmation and information (updates, cancellations, etc.) mails.
  • Track the participants’ join and leave timestamps (and identities) to/from a given meeting.

I understand that for these specific purposes, I should…

  • Create the meeting via Zoom web panel.
  • Enable the registration required option.
  • Disable the send confirmation e-mail to registrants option.
  • Create a JWT app to register the participants whose information has been collected via our own services (send request to the relevant Zoom API endpoint).
  • Create a Webhook app to collect the event-based information such as join, leave, etc.

Lastly, let me elaborate the confusion part with a couple of examples…

  • Documentation states that a JWT app is required (and preferred) for server-to-server communication whereas OAuth app is for user-action purposes (frontend apps?), yet the page for endpoint/of/add/participant/to/meeting says that OAuth should be used for authentication.

  • Also, there is an API Key and Secret at the bottom of main settings page. What are those for?

In short, which method should I use to authorize my micro-webservice to add / update registrants?

Your help is much appreciated, just a small nudge to the right direction :slight_smile:
Thank you…

~ Fatih

Hey @pikonferans!

Your workflow is spot-on, great job doing your research!

As for the confusion items:

  1. OAuth is for apps that are going to be distributed/shared for installation outside your account. JWT is “bound” to the account where it is created, and can only ever operate on that account, the purpose of JWT apps are for trusted, back-end services (like what you’re describing)

  2. Those are for connecting integrations, such as our Zapier: Zapier Authorization Error

For what you’re building…use JWT app build on Zoom Marketplace using the account where it will operate!



Hi Dean,

Thanks for the clarification.
Following your confirmation, I’ve created a JWT app and managed to connect our webservice to Zoom API successfully.
So far, so good.
Thanks again…


~ Fatih


1 Like

Thanks Ben!

Let us know if you have additional questions @pikonferans! :slight_smile:


1 Like