Hi Zoom Team. Our use case is us having a Zoom Android app that can be installed by anybody, and it needs to communicate with a private server that we own that will receive webhook events and communicate those event updates back to the Android app. We are looking for a streamlined method of having our private server be authorized to get events from user accounts signed in on the Zoom Android app. The two obvious choices seem to be making the private server an OAuth Zoom app or a Server-to-Server OAuth Zoom app.
If I understand correctly, OAuth apps require the user to consent through a webpage form before giving authorization. Server-to-Server OAuth Zoom apps don’t require an additional step for the user side. Server-to-Server sounds more streamlined for what we want to do, but first: is a Server-to-Server app fitting for any Zoom account not affiliated with the developer of the app? We want this to work for anybody with a Zoom account and not require the user being in a certain organization.
The second question is that if having our private server be an OAuth app makes more sense, is directing the user to the authorization webpage provided by Zoom the only way to have the OAuth app be authenticated to the user’s data?