Currently, I can enter only two redirect URIs one for development and one for production.
Our application has three environments: development, staging, and production.
Should I redirect staging users to the development URI after the
authorize request? Or maybe create one zoom app for my development environment and one zoom app for staging and production?
What’re your recommendations?
Does it safe to expose the authorization code to the user (browser)? Not the access token of course, just the code, and then the browser will send the code to my server to generate the access token and make the requests to zoom API secretly.
Which App Type? OAuth
How To Reproduce (If applicable)
Screenshots (If applicable)