We want a user to login via OAuth in order to run their meeting from within our app. If we can already get the access token via the REST API, is there anyway we can use this to work with the SDK?
If we want users to sign into their account in order to host any kind of Zoom meeting would we still need to distribute the SDK ID and secret? If so, what’s the intended, safe way of doing so for consumer apps?
More details:
We’re working on an Electron app. We want a user to be able to log in to the VC provider (Zoom, BlueJeans, WebEx, etc.) of their choice. They’ll get a provider access token, and we’ll simultaneously give them a token to access our endpoints as well. The VC provider hosts the meeting and handles audio, video, etc, and our app serves as a wrapper / extension for the meeting that emphasizes sharing multiple streams of content which we manage independently - i.e. we don’t depend on Zoom for these. Having looked at the available Zoom SDKs and APIs it seems like all of this functionality exists, but none of it exists within a single SDK in such a way we can leverage it.
The REST API provides OAuth which is exactly what we want for the login as it lets the user sign into their existing Zoom account and works with our authentication as a service (AaaS) solution. The problem is that the REST API is only useful for dealing with things before and after a meeting, so this isn’t sufficient for what we want to do.
The electron SDK has all of the realtime meeting features for a totally integrated Zoom meeting, but it doesn’t seem like we can get this to work with our AaaS solution. From the demos and docs it seems like the native SDKs don’t use the OAuth endpoints which is what we’d like to go through to get a user’s access token. We’d then want to use this access token in order to authenticate the client SDK so they can run their meeting. We have no interest in hosting meetings under our account; a user needs to have a Zoom account to have a Zoom meeting.