Is it safe to use start_url for users outside of our account?

third.party_20190621 · November 26, 2020, 2:12am

Description
Is it safe to use start_url (webinar) to our end-customers? meaning different users outside of our account.
We have zoom account with 9 licensed user.
So this 9 licensed user uses JWT to create a webinar for our end-users (outside of our account).
These end-users will be the host of the webinar

Error
I am not sure if this is safe?

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Zoom Webinar

Which Endpoint/s?
Zoom Webinar

will.zoom · November 30, 2020, 6:35pm

Hi @third.party_20190621,

Good question—start_urls are intended for the meeting/webinar host to start the meeting/webinar, and we do not recommend sharing these widely outside of your account.

Thanks,
Will

third.party_20190621 · December 1, 2020, 2:26am

I see.
Is there anything we can do to make user outside of our account be the host but it needs to be a webinar.

Is this flow possible

our zoom account creates a webinar.
when the user outside of our account will start the webinar (from our app), we will use oauth and make him an alternative host/main host?

Will this still be a webinar even though the user outside of our account does not have webinar license?

will.zoom · December 1, 2020, 7:01pm

Hi @third.party_20190621,

Since the alternative_host will need to be under the same account as the main host, one recommendation could be to consider provisioning a user specifically for this role under your account. I don’t believe you’ll be able to designate an alternative host even with OAuth.

Thanks,
Will

system · January 1, 2021, 5:01am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.