We are facing an issue with the Zoom Marketplace security review for our app, ViaSocket, which is a workflow automation tool. Our app was rejected due to security concerns related to TLS versions 1.0 and 1.1 being supported, which Zoom considers insecure.
We have already upgraded our TLS version to TLS 1.2 (and/or TLS 1.3) and have disabled TLS 1.0 and TLS 1.1. We submitted updated documentation and screenshots demonstrating these changes. However, despite these efforts, we received the same rejection message stating that the app still supports TLS 1.0 and 1.1.
How To Reproduce
App Type: ViaSocket (Workflow Automation Tool)
Error: The app failed Zoom’s security review due to TLS 1.0 and TLS 1.1 support, even after we’ve upgraded to TLS 1.2.
I see that you are concurrently submitting two separate requests.
One for beta (authorization url sharing with external users) and
another for publishing the app on the Marketplace.
For the publishing request we will get to reviewing your application within the 72 hour SLA.
If you’d like to share your authorization url with external users in the meantime you can resubmit that request (Please update the document you are providing to show the upgrade of TLS versions).
We have already updated the documentation to show that we have upgraded to TLS 1.2, with support up to TLS 1.3, and have disabled TLS 1.0 and 1.1. Despite these updates, our app was still rejected with the same message regarding TLS 1.0 and 1.1 support.
Could you help us understand why the changes are not being recognized? We’re eager to resolve this and proceed with the approval.
It looks like your app was approved on 2/14/25.
Glad you were able to get the app through.
If you have any other issues, please respond directly and ping me.
We have an app called viaSocket that is already published on the Zoom Marketplace. We need to add additional scopes and a webhook URL to the existing app. However, we are unable to submit the app for scope and webhook approval because of the monetization step.
While monetization is optional for us and we do offer a free plan, the mandatory step of connecting the app with Stripe is blocking our submission. Without completing this Stripe connection, we cannot proceed—even to publish the free plan updates.
Could you please advise on how we can move forward with adding the additional scopes and webhook URL, given that the Stripe connection is preventing us from submitting the app update?