Handling Auth (+ In-client OAuth)

Hi all,

I’m currently reviewing our app’s authentication

I was looking at the startAuthorize() API from the SDK (link here) but it wasn’t clear what this actually does or how it works.

I assumed it would initiate the OAuth flow by opening the browser (today) and then in the future it would start the OAuth flow in-client, but that doesn’t seem to be the case

I used the API in my Zoom app by:

  1. adding the startAuthorize scope to the app,

  2. including it in the capabilities field when calling config(), however when I actually call


I get the following error message:

Error: No Permission for this API. [code:80002, reason:unknown_api_name]

I get the impression this API was created last year for in-client auth but it isn’t currently usable?

Overall I am a bit lost, so wondering:

  1. Does this API work and should we be using this API to authenticate now? (it seems not)

  2. Will the in-client OAuth be utilizing this API to authenticate?

  3. Does anyone know if there’s anywhere I can find documentation on the upcoming In-client OAuth?


1 Like

Hi @om7 , thanks for the question. We will be announcing an update to this soon and phasing out this particular method to be replaced with a new one. We are currently not accepting apps for review that have the in-client auth setting enabled in the build flow. We are on-track to support the new version of in-client auth with the upcoming 5.10.3 release. Hope that helps!

1 Like