Happy to help clarify!
For publishing an OAuth authentication app, do we need a licensed account?
This is not required, but recommended.
Can we publish an account-level app with JWT authentication? If we can publish such type of apps, is there any functional difference between a published and an unpublished account-level JWT authentication app apart from listing the published app in Zoom market place?
JWT apps cannot be published publicly, as they’re account level apps intended for use cases such as building out functionality within our SDKs, internal tooling, reporting, etc. JWT apps do not contain scopes and have unrestricted access to a specific account. To publish an app on our Marketplace, you must use OAuth.
We(CRMOrg) develop an enterprise level CRM application which will be purchased by different organizations, say OrgA and OrgB are using CRM application built by us then OrgA and OrgB will have their own Zoom accounts with their own API key and secrete key combinations. Then should OrgA and OrgB have to publish their Zoom apps or Zoom app published by us(CRMOrg) will suffice. Also how an account-level vs user-level applicaiton will fit this scenario for JWT vs OAuth authentication type?
If you publish an Account-Level app on our Marketplace, OrgA and OrgB will be able to use your app, via authentication by way of OAuth. If you created an account-level OAuth app that was published, they’d grant you account level access to their respective accounts when authorizing your app. You would then be able to take action on their accounts’ behalves, in respect to the capabilities of your published app. They would not need to use their own API key/credentials if they authorize your published app.
If you created a User-Level OAuth app, you would have access to perform actions on users’ accounts (who authorize your app)—a narrower scope.
Let me know if this helps!