What is the status on this? It has once again been another month and no update.
Hi Matt,
Our engineers are working currently to see if we can add this as a feature request.
As a work around, we recommend you JWT token to download recording file.
Apologies for the inconvenience caused.
Thanks!
I don’t think this bug should be considered a “feature request”.
We’re attempting to build an OAuth user-managed application that can access a user’s recordings. From my understanding, a JWT is not a an option for us.
@patricio.giacomino, @matt, @ryan
As of now to download a private or password protected cloud recording you must use a Zoom JWT App Type.
Use the download_url
from the Get Recordings Endpoint or the download_url
from the Recording Completed Webhook and add the access_token
query param to the end of the url with your JSON Web Token as the value.
Example:
https://api.zoom.us/recording/download/{{ Download Path }}?access_token={{ JWT Token }}
The only way to use OAuth to download a cloud recording is to have the “Share cloud recordings only with members of my account” set to off. Then you can use the download_url
to download the file with no auth required.
We apologize for the confusion and inconvenience. We have a ticket to allow OAuth private recording downloads in our backlog. Stay updated here.
Thanks,
-Tommy
Thanks for the clarification, we’ll look forward to the functionality being added to OAuth apps.
+1 for adding this feature so that Oauth users can reliably access the download links
Also looking forward to this functionality being added to OAuth apps.
The current behavior is also a problem for OAuth apps if you ever miss the Recording Completed webhook (due to network issues, etc.) because we will then miss the download token and we don’t ever get a new one. Or am I missing a scenario where we might get it some other way?
Thanks @zoom-test, we will post here when this feature is available.
If you ever miss a webhook event, you can use the GET /users/{userId}/recordings or GET /meetings/{meetingId}/recordings to get them, then use the JWT token to download as mentioned above.
Thanks,
Tommy
Tommy,
Thanks for all the replies. Unfortunately I can’t use a JWT app because the app needs to be used by multiple accounts/customers, not just my own account so that solution does not work for my scenario since JWT apps are not publishable on the marketplace.
What is your route to filling this hole for OAuth app developers?
- Add the
download_token
to those api responses? ( GET /users/{userId}/recordings or GET /meetings/{meetingId}/recordings) They are authenticated requests and would seem to be trustworthy. - Allow us to download the files by including a valid
OAuth token
in theAuthorization
header as part of the download request? - Or something else?
Hey @zoom-test,
We are working on allowing OAuth apps to be able to download private and password protected recordings. (Jira: DEVELOPERS-286)
In the meantime, to download recordings via OAuth, the recordings need to not be set to private or password protected.
Account Level Settings: (can override user level to ensure recordings can be downloaded for all OAuth users)
Thanks,
Tommy
Hey @zoom-test,
Our goal is to release this in our next release cycle in March.
Updated: ZOOM-111314
Thanks for your patience,
Tommy
Hey @das, @baohanhai,
Around Q3 / Q4. Stay updated here: https://marketplace.zoom.us/docs/changelog
Thanks,
Tommy
Woah I just came across this.
I’ve been working on an integration and now find that it won’t work because the Zoom API is broken, and is taking a year and a half to fix? This is pretty extreme IMO. Can we please have a manager chime in here, to re-assess the urgency of this bug?
The bug is obviously much more problematic now that all meetings are password-protected by default.
At least thank you @tommy for the tip that this can be worked around with a user setting. However, it’s worth noting that 1) This workaround is a security nightmare (undermining the recent change to require password protection, and 2) It doesn’t work for previous recordings. Users are likely to enable this setting only after a download fails, so it won’t help for the task they were looking to actually accomplish