Description
I am building an app that will allow customers to connect their zoom account to my service. My service will import their recording transcripts and do some machine learning on them. I’m trying to figure out the best way to provide this. I’m specifically struggling with auth right now.
Option 1: JWT App
If a cloud recording is not set to public, then the only way I can download the files programmatically is to use JWT auth (I think). However, I can’t get JWT auth to work. I am getting the JWT from the App Marketplace for my JWT app. I set it to be good for 1 week and I generated it today so it should be valid for sure. Then from the API documentation page for getaccountcloudrecording I am using the easy form on the page to test the request. I enter the JWT token where it asks for the oauth token. For the account ID I am entering the “Account No.” which I am retrieving from zoom.us/profile. Result is 401 status with body {“code”: 124, “message”: “Invalid access token.”}.
So first I need to figure out what I’m doing wrong with auth. However, even if I can get this to work, it is not ideal because it requires the user sharing their data to have high privileges in zoom and also they have to create their own JWT App and share the JWT with us. Much better would be to use OAuth.
Option 2: OAuth (preferred, but has problems)
With OAuth, I can download recording transcripts just fine for a single user. This is okay, actually preferable, for my use case. However, when my script tries to actually download the VTT or TIMELINE files, I run into an auth problem. OAuth token is insufficient for downloading these files if they are private or password protected. The only way I can get this to work is to set the recording sharing settings to public. Is there any way around this? It seems like the oauth token should be okay because it is for a specific user and I’m only accessing that user’s own recordings. I’m guessing this is a dead end because I’ve read in two places in your docs/forum that this limitation is real.
FYI for this option, this is an OAuth app (obviously). I’m using /v2/users/me/recordings to get recordings. That is working fine. In that response, I grabe the recording_files that are of type TRANSCRIPT or TIMELINE. From those, I grab the download_url and try to download. With setting bearer token to oauth token, I am rejected. If it set recording to public and omit auth header, it works. But I can’t expect my users to make all their recordings public.
Option 3: Any ideas? Any other approaches I am missing?
There is another way! The Recording Completed webhook for a User Level OAuth app includes a download token which you can use to download the recording programmatically.
Thanks all. Regarding option 1, I was doing something wrong and figured it out.
I’m greatly looking forward to using option 2 (OAuth) in March!
I am aware of Option 3, but my primary use case right now is backfill, plus async comms generally need to ability to heal missed records anyway so I agree with @matt that webhook only is really not a suitable solution.
Do we have a read on what the new behavior will be? Will we need to just add the OAuth token as a bearer authentication token header as in how the rest of the api is interacted with?
Hi I
am also use option 1 to get all videos download URL. But I have trouble to bulk download them. Would you please advice how do u download server videos by script instead of using the browser.
Thank you.
@tommy is there any chance this will get shipped soon or is it going to be frozen until after the 90 day period of security updates? Not having the ability to use OAuth tokens as authentication for downloads has caused some issues in an increased traffic/latency situations. This would go a long way towards solving a lot of problems.