Evidence Guidelines for Your Marketplace App
We accept all forms of documentation and ask that you include it in your Technical Design Document. This includes certificates, diagrams, and written documentation.
Security evidence documentation (SSDLC, SAST/DAST etc.) is required for these app review requests:
- Request for an Authorization URLs (Beta)
*If you have a specific use case you would like to inquire about, reach out to marketplace.security@zoom.us.
In addition, please submit security evidence documentation for the below app review requests. They will be considered (and depending on the nature of your app, mandatory) when conducting the app review:
- Request to publish Zoom Apps apps
- Request to publish SDK + OAuth apps
FAQ
What should I include in my Secure Software Development Lifecycle (SSDLC)?
Your SSDLC should be an internal document that reflects your entire development process from the outlining of requirements to production.
What does SAST/DAST evidence look like?
Screenshots of your app’s latest scan will fulfill this requirement.