Filter Webhook calls by environment with Server to Server OAuth

We’re using Server to Server OAuth to receive Webhook callbacks to our servers. For compliance reasons, we have Webhooks disabled in our staging environment; we can’t let our test environment come in contact with live confidential data from the Webhook. For development reasons, we need to enable and test Webhooks in staging, and it is believed that the only way we can do this without exposing production data would be to set up a completely independent Zoom account for testing. Is this our only option, or is there a way to filter data that is sent to a Webhook by environment?

Hi @paul.keister ,

For your case would websockets be more suitable? With websockets you do not provide zoom with an endpoint, instead zoom provides you with an endpoint that you need to open a websocket connection with. Once the connection is open, zoom will continue to send you all these events in real time. The events received in websockets contain similar payload as webhooks (including qss). Let me know if you need any additional clarification.

You can sign up for the beta here: WebSockets are in a public beta. Fill out this Google Form to sign up. See the WebSockets Beta FAQ below for details.

Find more information here:

Hi @ojus.zoom , thank you for your response. I don’t think websockets would address our situation, because we need content to be filtered from the event stream before we receive it. It sounds like moving to websockets would just give us the same event stream over a different transport.

We’ve been experimenting with sub-accounts, which do exactly what we want, but also have some unexpected behavior that we’re struggling with (specifically the RegistrantID property seems to be missing with sub-account events.) We’re probably going to have to move to a multi-account configuration.

Hi @paul.keister ,

I want to understand your use case better. Can you DM me your email with your availability this and next week?

This topic was automatically closed 368 days after the last reply. New replies are no longer allowed.