Error 2308 when starting RTMS via REST API as a participant in an external meeting

Hi Zoom Developer Support Team,

We are currently evaluating Zoom’s Real-Time Media Streams (RTMS) for capturing customer-facing meetings. Our architecture involves our internal agents (who have our RTMS app installed) joining Zoom meetings scheduled and hosted by our external customers.

Our app is a General App with RTMS scopes, currently in development (unpublished) status.

The Scenario:

  1. An external user hosts a meeting.
  2. Our internal user joins the meeting as a participant using the account where the RTMS app is installed.
  3. Our backend attempts to manually start RTMS using the REST API (PATCH /v2/live_meetings/{meetingId}/rtms_app/status) using S2S Auth token and the RTMS app account credentials.

The Problem: Instead of the host receiving an in-meeting approval prompt, our REST API call immediately fails with the following error:

{“code”:2308,“message”:“User ‘…’ is not allowed to start the RTMS app. Only the meeting host or an alternative host can perform this action.”}

Our understanding was that the external host should receive a prompt to approve or deny the RTMS session when a guest brings the app. (Note: The flow works perfectly when the meeting is hosted internally by a user on our account).

Can you help us troubleshoot if this is because our app is currently unpublished, or do we have to enable some specific settings on the external host’s account?

@Hanvitha just to check is the user starting RTMS, in the meeting invitation list?

Thankyou for your response, adding our agent to the meeting invitation list (rather than having them join anonymously via the join URL) resolved the issue. The external host now correctly sees the RTMS approval prompt when we initiate the request to start RTMS.

Since we are now able to successfully use the app in an external meeting while it is still in the “unpublished” development state, we have a follow-up question regarding the app publication process:

Does this mean we do not strictly need to publish our app to the Zoom App Marketplace for this specific use case? Given our architecture, only our internal agents will ever add the app on their accounts, while external customers only interact with it by granting permission during the meeting.

If app approval/publication is not strictly required, what would be the risks or limitations of keeping the app unpublished?

Hi @chunsiong.zoom , just wanted to gently follow up. Could you clarify if there are any risks or limitations in keeping the app unpublished for our specific use case?

@Hanvitha let me check and get back to you