How can I use mutable subdomain for Deauthorization Notification Webhook URL?

Description
Hi team,

Our product is an SaaS, hence, there are thousand of clients using the software distinguishing by subdomain. E.g. https://client1.product.com, https://client2.product.com.

I’m trying to integrate Zoom to provide our clients as a video conference tool in our system. However, it seems I can provide only 1 URL for Deauthorization Notification. This leads to a limit on my implementation for multiple clients based on 1 Zoom Oauth App.

Do you have any suggestion for this case?

Which App Type ?
OAuth & Webhook

Thanks!

Hi @tuancode, reference our OAuth docs section on Using Multiple Environments:

To support multiple subdomain environments for your users, add any as the subdomain of your Redirect URL (development & production).

Example: https://any.yourapp.com.

In your install link, dynamically set the respective subdomain on the redirect_uri param:

For https://sub1.yourapp.com:

https://zoom.us/oauth/authorize?response_type=code&client_id=7lstjK9NTyett_oeXtFiEQ&redirect_uri=https://sub1.yourapp.com

For https://sub2.yourapp.com:

https://zoom.us/oauth/authorize?response_type=code&client_id=7lstjK9NTyett_oeXtFiEQ&redirect_uri=https://sub2.yourapp.com

For deauthorization, I do not believe we support the same use of multiple environments, but I will confirm this. Each deauthorization event includes a userID; I would handle each userID and direct them to the appropriate environment/database.

Let us know if this helps; I’ll confirm further.

Hi @michael.harrington,

Thank you. I think it’s quite impossible because of the event. It is impossible to Zoom can know which user belong to which subdomain. Therefore, the only solution I realise is that I have to implement a Centric API to redirect to corresponding Deauthorization Notification Subdomain URL.

Hey @tuancode,

As a workaround, you can have one deauth endpoint, that reads the body and then determines which subdomain the respective user_id or account_id is in, then make a request to the respective sub domain to complete the data compliance flow.

Thanks.
Tommy

1 Like