I have a web app which users can sign into with google or with normal credentials. I want to authenticate my zoom app users as users of my app within zoom. I was able to do so if a user has a valid username/password combination. However, this is proving to be a challenge for Google sign-in users because google disallows embedded browser sign-ins.
Reading the zoom documentation, I found the following (Authentication)
** Leverage system browser authentication sessions. If your users have active sessions with your service in their default browser, you can reduce friction by sending users to the browser using OpenURL and capturing the active authentication from the browser.*
This seems like a good strategy but I’m not sure how I would capture the authentication and return it to the zoom app.
Still having issues figuring this out. The documentation definitely seems to imply this is possible. I’ve built a unique login page that can open zoom from a deeplink but I’m not sure how to add in the payload with the token, or how to to handle it within the zoom app. Help would be greatly appreciated.
Integrating authentication with Zoom and managing user sessions can indeed be a bit complex, especially when dealing with different authentication methods. For handling authentication in your Zoom app, you can follow a flow similar to the one outlined below:
Initiate Authentication from Zoom App:
- When a user attempts to sign in through your Zoom app, trigger an authentication request to your web app.
Redirect User to the Web App for Authentication:
- For Google sign-in users, redirect them to your web app for authentication. You might generate a unique authentication URL for each user.
- Allow the user to sign in using their Google credentials on your web app. Once authenticated, generate a secure token that represents the user’s authenticated session.
Return Token to Zoom App:
- Redirect the user back to the Zoom app with the secure token as a parameter in the URL.
Handle Token in Zoom App:
- In the Zoom app, extract the token from the URL and validate it. Use the token to establish a session for the user in your Zoom app.
Here’s a simplified example in pseudo-code:
# In Zoom App
authenticationURL = "https://yourwebapp.com/authenticate?zoomRedirect=zoomapp://callback"
# In Your Web App
# Handle Google sign-in or other authentication methods
# Once authenticated, generate a secure token
secureToken = generateSecureToken(user)
# Redirect the user back to the Zoom app with the token
redirectURL = "zoomapp://callback?token=" + secureToken
# Back in Zoom App
# Extract the token from the URL
token = extractTokenFromURL()
# Validate the token and establish a session for the user
Keep in mind that security is crucial when handling authentication tokens. Ensure that the token is securely transmitted, stored, and validated to prevent unauthorized access. Additionally, consider implementing mechanisms like token expiration and refresh to enhance security. Always follow best practices for secure authentication and communication between your web app and the Zoom app.