We are building a app in Zoom, that helps organizer/host to issue credentials to participants of the meeting.
We are fetching the participants list after the meeting ended to find all the durations of participants. We use the zoom access token of the person who raised the request, to fetch the participants list.
As of now, only organizers access token is able to fetch the participants list. If we use the host access token who is not organizer, it is not allowing to fetch the participants list. We get the below error
{code:403,“message”:“Authenticated user has not permitted access to the targeted resource.”}
Below is the API, I am using to fetch the participants list
API: past_meetings/{meeting_id}/participants.
Thank you for posting in the Zoom Developer Forum. Based on the description, the API is working as expected. If the user is not in the tenant that held the meeting or is not a host/co-host of the meeting, they will not be able to fetch the participant list. To resolve this, make the request using either a host/co-host access token or a user with appropriate permissions.
Let me know if this works for your use case or if you have further clarification about why this workflow is vital for your use case.
Hi @donte.zoom,
Thank you for the reply. I am still facing this issue.
{
"code": 403,
"message": "Authenticated user has not permitted access to the targeted resource."
}
API: past_meetings/{meeting_id}/participants.
Scenario: I am trying to fetch the zoom past meeting participant details with host access token fetched through oAuth flow. In this scenario, host is not the organizer/scheduler of the meeting. After the meeting started, the organizer made another participant as the host of the meeting.
Both the organizer and the host(made by the organizer) have enabled the shared access permissions while installing the app, to allow the host access token to fetch the meeting participant details. But still the host is not able to access the meeting participants after the meeting.
Some hosts were able to access the meeting participants, while some are not. We are not able to pinpoint the exact difference between the hosts who are able to access and host who are not able to access . And I am not able to find any proper documentation that explains with this scenario.
I wanted to know, what are the conditions zoom checks to allow a participant(host) to access meeting participants. Let me know if you need more information.
In this scenario, it sounds like you’re looking to get meeting details as a participant who was promoted to host during the meeting, and you’re using the organizer’s access token to make the requests. Is that correct? If so, the participant who was promoted to host would not have access to that Zoom meeting data, as I’d expected it’s only to accessible to the organizer/scheduler of the meeting.
What happens if you make the API request with the organizer?
I am using the promoted host access token to fetch the participant list after the meeting is completed. Promoted host is not able fetch the meeting participants. And if I use the organizer’s access token, I am able to fetch the meeting details.
And also, with some users where the user who is promoted host and organizer enables shared access permissions, promoted host is able to fetch the participants list. And with some users(promoted to host users) its not working.
@eshwar ,
That’s interesting. Are you able to reproduce this behavior? How are you tracking which users can fetch the participant list after being promoted to host? For the users who can successfully get the list after promotion, are they in the same account as the meeting creator, or are they external users?
I have tested with two users, both are from the same account as the creators/organizers account. But one user can get the participants list and another user cannot after being promoted to host.
My app only allows host of the meeting to access it. So, I would get the host access token through user login into my system. And I maintain this access token, to fetch the meeting participants after the meeting is ended.
I wanted to know, what is the expected behavior. Does the member/participant who is promoted to host can access the meeting participant details with his access token after the meeting is ended or not?
So, as per our previous discussions, the conclusion is that the user who is promoted to the host will not have the access to the meeting details. And this is the expected behavior from Zoom rest APIs. Only the user who is the organizer/scheduler has access to the meeting details through Zoom rest APIs. Can you confirm this?
Yes, that is correct – the users who is assigned as a host when the meeting is initially created has the privilege to access to the participant list, not the user who is promoted to host during the meeting.