Cannot get current user's email

API Endpoint(s) and/or Zoom API Event(s)
There’s not an entry for this in the Zoom users API page. v2/users/me

Description
I need my user-managed, “General App” Zoom app to communicate the current Zoom user’s email address to my backend in a secure way (like, we don’t want it to be easy for someone to spoof someone else’s email address).

To accomplish this, I am trying to do in-client authentication, and following the outline in this Zoom example app: zoom/zoomapps-advancedsample-react. I expected to be able to use the access token after hitting https://zoom.us/oauth/token to get the current user’s email with a request to https://zoom.us/v2/users/me.

However, the access token scopes are `user:read:email zoomapp:inmeeting`, and using that token to request the current user’s email returns an error: `Invalid access token, does not contain scopes:[user:read:user:admin, user:read:user]`.

Scopes/Settings Stuff
Again, this is a user-managed, general app intended to be used for Zoom Contact Center.

For configuring the app:

  • I selected all capabilities in “Zoom App SDK”
  • I selected all scopes

On my user account, I went to App Marketplace and selected whatever under “Shared Access Permissions” to make it now say Authorized (I feel like this is unrelated).

Error?

  • I’m getting an access token from https://zoom.us/oauth/token, and it doesn’t have the right scopes.
    • or, it does have the scope user:read:email, but I have no idea how to use that to get the user’s email, if that’s even possible.
  • using the access token to try to view the current user’s user (GET to https://zoom.us/v2/users/me) the response has the message: Invalid access token, does not contain scopes:[user:read:user:admin, user:read:user].

How To Reproduce

  • Have user-managed, general app intended to be used for Zoom Contact Center.
  • select all Zoom SDK APIs and scopes for the app.
  • as a normal user, log in to zoom workplace and open the app from the “Apps” tab
  • click button that starts authorize() → onAuthorized flow
  • on backend, make request:
```
Method: POST
URL: https://zoom.us/oauth/token?code=[zoomAuthCode from onAuthorized's event.code]
    &code_verifier=[code challenge generated for authorize()]
    &grant_type=authorization_code
    &redirect_uri=[our redirect url]

Headers:
  Authorization: "Basic [encoded user-managed app credentials]"
  Content-Type: "application/x-www-form-urlencoded"
```
  • get response, which has scope: user:read:email zoomapp:inmeeting
  • send GET request to https://zoom.us/v2/users/me with headers `Content-Type: "application/json"`, `Authorization: "Bearer [zoom’s access token from the previous post request]"`
  • the response has message: "Invalid access token, does not contain scopes:[user:read:user:admin, user:read:user]"

hi @ccerra
welcome to the forum

Please don’t just select all scopes. Select the ones you need.

So you need to check the scopes for your app


add these and then save the app.

You will then need to reconnect and authorise to pick up the permissions.


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.
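
The flow discussed in this thread as a Node.js backend helper (an added example, not code from either poster or from Zoom's sample app): it exchanges the code, checks the granted scopes against the ones named in the error message before calling `/v2/users/me`, and takes the email only from Zoom's response, never from the client. The function names, the injected `fetchImpl`, the `apiBase` default, and the reading that any one of the two listed scopes is sufficient are assumptions.

```javascript
// Added example: server-side email lookup for the in-client OAuth flow.
// Scope names and URLs come from the thread; function names are hypothetical.
const USERS_ME_SCOPES = ['user:read:user:admin', 'user:read:user']; // from the error message

// Scopes from USERS_ME_SCOPES that the token response actually granted.
function usableScopes(tokenResponse) {
  const granted = new Set(String(tokenResponse.scope || '').split(/\s+/).filter(Boolean));
  return USERS_ME_SCOPES.filter((s) => granted.has(s));
}

// Build the POST to /oauth/token with the parameters listed in the thread.
function buildTokenRequest({ code, codeVerifier, redirectUri, clientId, clientSecret }) {
  const params = new URLSearchParams({
    code, code_verifier: codeVerifier, grant_type: 'authorization_code', redirect_uri: redirectUri,
  });
  return {
    url: `https://zoom.us/oauth/token?${params}`,
    options: {
      method: 'POST',
      headers: {
        Authorization: 'Basic ' + Buffer.from(`${clientId}:${clientSecret}`).toString('base64'),
        'Content-Type': 'application/x-www-form-urlencoded',
      },
    },
  };
}

// Exchange the code, verify scopes, then ask Zoom who the user is.
// `fetchImpl` is injected so the flow can be exercised offline; `apiBase` is an
// assumption that defaults to the host used in the thread.
async function resolveVerifiedEmail(auth, fetchImpl = fetch, apiBase = 'https://zoom.us') {
  const { url, options } = buildTokenRequest(auth);
  const tokenRes = await fetchImpl(url, options);
  if (!tokenRes.ok) throw new Error(`token exchange failed: HTTP ${tokenRes.status}`);
  const token = await tokenRes.json();
  if (usableScopes(token).length === 0) {
    throw new Error(`token scope "${token.scope}" lacks any of: ${USERS_ME_SCOPES.join(', ')}`);
  }
  const meRes = await fetchImpl(`${apiBase}/v2/users/me`, {
    headers: { Authorization: `Bearer ${token.access_token}` },
  });
  if (!meRes.ok) throw new Error(`users/me failed: HTTP ${meRes.status}`);
  return (await meRes.json()).email; // never accept an email supplied by the client
}
```

Failing at the scope check gives the backend a clear configuration error at token-exchange time instead of an opaque API rejection later.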