So I tried to use as little scopes as necessary when creating my app. In the end, all I needed was to be able to create a meeting.
Invalid access token, does not contain scopes: [user:write:admin, user:read:admin, user:read, user:write, user_profile]."} when calling the users/me or anything of the likes. The truth is: I don’t need name, email or anything at all. I just need the id so I can link it to the other config. That way, when a user deletes the integration in zoom and I get the deauth notice, I can remove the data on my end.
Which App Type (OAuth / Chatbot / JWT / Webhook)?
How To Reproduce (If applicable)
- Create an app with no scopes except maybe create:meeting. Nothing about user info at all.
- Try to fetch the resource owner details or the users/me endpoint
I need this to be able to respond to a deauthorize call.