Is oauth token user specific?

Hi, I’m new to this.
I would like to integrate zoom in my app. I learnt that there is only one token if I go with JWT app. What about the oauth?

  1. Is the access token generated by oauth user specific?
    ie . with that token will i be able to create meetings for that particular user only.
  2. Does calling the "user create " api, be possible with the oauth access token.

Hi @chriztophermoriarity ,

Happy to help!

OAuth tokens are not necessarily user specific, but they can be because of how they’re generated. They have a shorter lifespan of 1 hour so after that time, a new on is needed. However you can generate a Refresh Token which “allows an application to obtain a new access token without prompting the user”. Additionally, you can set the permission scopes of that authorized user for what they can do with the Zoom APIs.

Yes, you can. You can set which APIs a user has access to with OAuth scoping (linked above).


Thanks a lot!!

I would also like your advice on a scenario.
My objective is that I want to get the details of the participants of a live meeting from where I have to find them in my database.
From what I have learnt so far from the documentation, I need an oauth app that the host/user need to integrate in his live zoom meeting.
In order to get the details of participants of that live meeting,
1.does the host need to have a business plan ?
2. Should I have the business plan for creating the oauth app?
Also should I go for user managed app or account-level app . Which suites best for my objective?

Thanks in advance

Hey @chriztophermoriarity,

I’m happy to help out here!

Yes, the host would need a business plan in order to use our Dashboard APIs which provide information about live meetings.

Yes, that would allow you to develop the application and meet the prerequisites for the Dashboard APIs.

For this use case, an account level app is likely the best option as it only needs to be installed by an administrator once instead of by each user.


Thanks a lot!!!

But that would mean that all the hosts should be part of a main Account so as to implement an account-level app, right?

Consider this , I have a website for meeting peope like Tinder, When X pays me , he can access my website and search for profiles, I like to implement an Oauth app which upon integration redirects to my website where on a button click X can find whether his live participants are in my website.

The users are completely independent of my website ie they will be conducting these zoom meetings without the website’s knowledge.

I figure an account-level app would not work here.

What are my options? How can I achieve my objective?

Hey @chriztophermoriarity,

Happy to help! If you publish an Account-Level app to our marketplace, that means that an admin on another account can install it for you to make requests as that admin.

In this way, the app is installed once by an account admin. Because that admin has the ability to manage other users, for instance, you are able to create meetings for any of the users under that account.

A User-Managed app means that each user under that different account would need to install your app but the benefit is that this doesn’t require the app have access to an account scope.

It really depends on how you intend the app to be used and who you expect the installer to be - the owner/admin of an account or a user?


Thanks a lot

  1. In that case I can only go with user-level app as my customers are individual users , they are not part of a team or organization.
  2. If I create an Account-level app, all my customers should have a business plan or above to call dashboard endpoints. Am I right?

Hey @harydas,

If a single user signs up for Zoom they are then the owner of a Zoom account that contains one user (them). In this case, they could still install an account-level application.

Yes, that’s correct.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.