We’re in the process of scoping a reporting tool that would act as Unified Presence Indication for a specific department within our company, and would like to incorporate the user.presence_status_updated Webhook from both the Zoom Meetings API and the Zoom Contact Center API.
While scoping this project with our IT team, we’ve run into some issues regarding granularity in authorization for the reporting tool. We’re trying to understand if there’s a combination of API scopes and general user-role permissions that could land the reporting tool with something like a group-level, read-only. Basically we need the tool-user to have the following authorization level:
- Can receive user.presence_status_updated for all users in a specific group.
- Does not have edit access to any user.
- Does not have any access to users not in the specified group.
The webhook itself only requires a user:read scope, but I’m struggling to find a way to apply this across an entire group, and only for that specific group, without giving any write access AND without having to manually provide access to new users (the access should be automatically inherited when they’re assigned to the group).
Is this level of access granularity currently available?