Dynamic Installation and Deauthorization URLs

We have an OAuth application which enables Zoom users to connect their existing Zoom user account to our service (Breezy HR) as an option for live video interviews.

Our application architecture (with many thousands of customers) allows a single user to be a member of multiple companies, each company has a unique URL path inside of our application with context-specific settings. For example, a user may be a recruiter for Zoom and for Google with a unique set of connected apps and related user information but with the same user account.

In our software the URL path is templated to include a “friendly” identifier for each company. For example, using the Zoom/Google information above, while the same user was in the Zoom company context their URL may be https://app.breezy.hr/c/zoom/user/settings when they were in the Google context it would be https://app.breezy.hr/c/google/users/settings

Based on the submission criteria for publishing, this is posing some seemingly insurmountable problems for us. One is the form of the required Deauthorization URL, the other is the installation URL. In both for cases, the URL is unique to both the company and the user instance, there is no single URL possible for either.

I’m wondering how we can overcome this barrier so we can get our integration in the hands of external users.

Hey @darren,

I understand your architecture of the url paths.

I don’t see the issue for the DeAuth url because that URL is for accepting a POST request with the Zoom user in the payload, so I think this would not affect your company specific URL paths. (Of course correct me if I am wrong.)

As for the Installation URL, you could include the company slug in a query param at the end of the install URL, which persists through the OAuth flow, and handle the redirect once you the user lands on the redirect URL.

For example:


After install and redirect:


See the second part of my post here for more details:

Let me know if that helps!


@tommy thanks. Yes, that should work on the DeAuth. I wasn’t sure if it was a path you’d send the user to or if it was an API request.

For the installation URL, what I’m wondering about what we should enter for the URL but again, it may have just been a misunderstanding. We already have this working on our end with multiple customers, it was more a matter of what you want us to provide.

Sounds like you’re just asking what our initial OAuth endpoint is which initiates the installation.

Hey @darren,

Yeah to clarify on the installation URL, do you mean the redirect url, install URL, or the Install from your site url?

Redirect URL:
Screen Shot 2020-03-06 at 2.02.18 PM
Install URL:
Screen Shot 2020-03-06 at 2.02.35 PM
Visit Site to Install URL:
Screen Shot 2020-03-06 at 2.02.25 PM


The “Direct landing URL”

Hey @darren,

I would suggest using the Install from marketplace flow.

Visit site to install is for apps that need you to install their app like this Spark: https://marketplace.zoom.us/apps/tmqvkldFT3qKBBRPso6Djg

It does not affect you using the Install URL in your application. :slight_smile:


hey @tommy ,

In darren’s case, what would an example deauthorization URL look like? Would something like https://any.breezy.hr/zoom/deauthorize work? Also, what if I support multiple top-level domains like https://any.breezy.co.uk/zoom/deauthorize. Could the domain extension portion also be handled by the “any” wildcard?

Hey @peyterkim,

Currently we only support one deauthorization endpoint.