Description
Is there any way to get the user data without the use of OAuth?
Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth
Which Endpoint/s?
/users
Additional context
From what I can tell, the SDK does not provide tools for getting data, such as the profile pictures of joined attendees, so I was looking in the API for some way to do this, but it seems as if every single user needs to first authenticate for that to be possible.
I’ve only tested this on a non-published OAuth application, so I don’t know if the restriction of not being able to request others’ information will be lifted once published.
I just find it weird, that you need OAuth to get this type of data… It makes sense when you use the endpoints with the me ID, but not when you enter someone else’s ID. It’s not like the requesting user has any effect over data that has no relevance to them.
Thank you for reaching out to the Zoom Developer Forum. If you’re trying to use the List Users API, you should be able to do this with an Account Leve OAuth app or a JWT app.
When you call that API, what response do you get?
While your app is unpublished, it can only be installed by users on your account.
{
"code": 1001,
"message": "User does not exist: {email address}."
}
I was using /users/{userId}. I don’t want to ask every single user to authorize my app just so that I can be able to see their name and profile picture. If there were some way to get that profile picture UUID, then this wouldn’t be a big issue, but still annoying to work with.
Thank you for the update. With an account-level OAuth app, an administrator on an account would only need to install your app once in order for you to have access. From there, you can use the account-level credentials to make requests against the users on their account.
Thing is: I’m not trying to get data from users of the same account. I want to get data, such as the name of the user, when the account doesn’t belong to me nor has ever authorized my application.
The SDK gives me a onUserJoin() event, but it only provides IDs from what I can tell. This wouldn’t be an issue, but it’s just not possible to make every single participant authorize. So the result of this would be that participants would have their IDs as their names, because I am unable to get that data in the first place.
This is a question that mixes both documentations. The API is supposed to be the place to request resources, but it just can become really uncomfortable to use.
I can definitely understand how that would be useful. While it would simplify the process to query information about other users, they will need to consent to sharing this information prior to it being available to a 3rd party.
This is due to our privacy and security policies put in place to protect user information and better align with various data/privacy regulations set in place around the world. You can learn more at our Trust Center.
With the Web SDK, you would also only be able to host meetings that were created under the same account as the JWT App. If you wanted users outside of your account to use your app with their meetings, they would need to provide their own JWT credentials which isn’t recommended.
Instead, although it requires the step of app authorization, it seems that creating an account-level OAuth app that is published to the Zoom Marketplace is the best option. This would mean that an account administrator would be able to install your app and you could then make requests to the API on their behalf.