Embedded Zoom Scheduler: Unable to Retrieve Booking Details or Host User ID After Booking

API and Webhooks Zoom Scheduler
1

Summary

We are integrating the Zoom Scheduler into our application using the embedded scheduling page (Embed SDK) and a Server-to-Server OAuth app. After a booking is created, we are unable to retrieve the full scheduled event details due to limitations in both the embedded postMessage payload and the Scheduler API requirements.

Our Setup

  • Auth: Server-to-Server OAuth (account-level)
  • Integration: Embedded Zoom Scheduler page (Embed SDK)
  • Scheduler configuration
    • Multiple Zoom users (hosts)
    • Users can book with different team members
  • Scopes enabled
    • scheduler:read:scheduled_event:admin

The Problem

1) Embedded Scheduler postMessage strips booking data

After a booking is completed, the embedded Scheduler page sends a postMessage to the parent window. However, most of the booking details are intentionally stripped out.

Relevant code from the embedded page:

const postFormInfoToParentPage = (formValues, bookingResponse) => {
  const origin = searchParams.get('origin');

  if (!origin || !window?.parent) {
    return;
  }

  let scheduledEventData = {};
  const attendee = (bookingResponse?.attendees ?? []).find(
    (attendee) => attendee.email === formValues.bookerEmail
  );

  if (bookingResponse?.id && attendee?.id) {
    scheduledEventData = {
      scheduledEventId: bookingResponse.id,
      attendeeId: attendee.id,
    };
  }

  window.parent.postMessage(
    {
      type: 'bookingForm',
      payload: {
        // Only event + attendee IDs are provided
        ...scheduledEventData,
        // Legacy fields (form values only)
        ...formValues,
      },
    },
    origin,
  );
};

Only the following are provided

  • scheduledEventId
  • attendeeId

Missing but needed

  • start_date_time
  • end_date_time
  • summary
  • location
  • external_location.meeting_join_url

This data does exist in bookingResponse, but it is not sent to the parent page.

2) Scheduler API requires user_id, which we don’t have

To work around this, we attempted to fetch event details using:

GET /scheduler/events/{eventId}

However

  • This endpoint requires a user_id query parameter
  • Our Scheduler supports multiple hosts
  • The postMessage payload does not include:
    • Host Zoom user_id
    • Any identifier that can be mapped to the host
  • The provided attendeeId is the booker, not the host

As a result

  • We cannot determine which user_id to pass
  • Calling the endpoint with an incorrect or missing user_id returns 404 Not Found
  • Calling it without user_id, even with Server-to-Server OAuth and admin scopes, also returns 404

What Would Solve This

Any one of the following would unblock us:

  1. Include more booking data in the embedded postMessage

    • e.g. start_date_time, end_date_time, summary, location, external_location.meeting_join_url

  2. Include the host’s Zoom user_id in the postMessage

    • This would allow us to call:

      GET /scheduler/events/{eventId}?user_id=...

  3. Allow account-level access for Server-to-Server OAuth apps

    • Enable GET /scheduler/events/{eventId} to work without user_id when using admin-level S2S OAuth, similar to other Zoom APIs

Impact

Without access to either:

  • Full booking details, or
  • The host’s user_id

We cannot display a proper booking confirmation page (meeting time, host, join link, etc.). This significantly degrades the user experience.

This isn’t a hard blocker for me yet, but it does make the integration a bit awkward from a user-experience standpoint.

If anyone has run into this before or has found a workable solution, we’d love to hear how you handled it. It would also be helpful to know whether this is a known limitation or something that might improve in the future.

Thanks in advance for any pointers, and happy to share more details if that helps.

2

hi @ManosN ,

OK, I don’t think this will work easily as server auth, if at all.

I would expect it to work as a user app. This is a user feature of having a schedule. This is not an admin function, which is what server-server is really for.

If you were to continue with server-to-server, the userid would be the one associated with the user who has the scheduler attached to their account. Schedules are always licensed to a user.

Let me know if you need more.
all the best

John

I have not written a schedule app, although it is on my to-do list, and therefore I have had a good look at the documentation.

3

Thanks, John. I appreciate you taking the time to look into this and share your thoughts.

I think there may be a bit of a disconnect around how the Scheduler is being used in our case, so I wanted to clarify.

We’re not building a custom scheduling app or managing schedules ourselves. We’re using the Zoom Scheduler UI itself, embedded via the official embedded Scheduler URL / Embed SDK. Users are booking directly through Zoom’s Scheduler experience.

Importantly, this is a group scheduler setup:

  • A single Scheduler is configured with multiple Zoom users (hosts)
  • Each time slot may belong to a different user (e.g. slot 1 → user A, slot 2 → user B)
  • The host is determined dynamically by Zoom at booking time

Because of this:

  • At the time the booking is completed, we don’t know in advance which user will be assigned
  • The embedded Scheduler sends a postMessage after booking, but it only includes:
    • scheduledEventId
    • attendeeId (the booker)
  • It does not include:
    • The host’s Zoom user_id
    • Any identifier that can be mapped back to the host
    • Or even basic booking details like start time or join URL

That’s where we get stuck.

While I understand the expectation that Schedulers are “licensed to a user”, in a group Scheduler context that user is not known to us externally at booking time, and the embedded Scheduler does not expose it.

We then tried to retrieve the booking via:
GET /scheduler/events/{eventId}
…but this requires a user_id, and without the host being provided in the postMessage, there’s no reliable way for us to know which one to use. Calling it without user_id, even with Server-to-Server OAuth and admin scopes, results in a 404.

So the core issue isn’t whether this should be a user vs server-to-server app, but that:

  • The embedded Scheduler flow does not expose enough information after booking
  • There is no supported way to determine the host for a group Scheduler booking at the time of the event

If there’s a supported way to:

  • Retrieve full booking details without needing user_id, or
  • Access the host user for a group Scheduler booking from the embedded flow

we’d be very happy to use it.

Thanks again for the response and I totally understand this is a nuanced area of the Scheduler APIs. Happy to clarify further if helpful.

4

hi @ManosN ,

I absolutely love this! - This is a great example of where you can take scheduling when you have a complete app under your control.
I can not see how to do this now; it may need some thinking and maybe engineering.

What a great use case. We need to make this work.

The Dev Community manager and I have requested a meeting with the scheduler team. I think speaking with them will give us a better understanding of how they built the api and how to do this.

You now have an entry in my Zoom Tasks List . ;-0

John

@elisa.zoom - will need to speak to the PM for this?