JWT application

Why there is no scope settings on JWT app?

I have created a JWT app, but I cannot see scope settings on that app. I can see those settings on OAuth app.

I would like to control the permissions to JWT Token. Does JWT tokens have full permissions?

Hey @hedaoo.abhishek1993,

JWT Apps intentionally do not have scopes, they have full permission and are meant for internal use by Zoom account admins. If you want to limit control, use an OAuth app.

Thanks,
Tommy

Hi Tommy,
Thanks for the reply. So does the permission on the JWT token corresponds to the permission the user has who creates the JWT application?

Some more questions -
I am creating a application which will use zoom API’s to fetch and manage users on the zoom(Please note application is intended to be used by the account admin). So for authorization I have to create an application on zoom. Which application type would be recommended here for authorization? OAuth or JWT?
Also why I can create only one JWT application on zoom? Is there any way to create multiple JWT applications?

Hey @hedaoo.abhishek1993,

Only Zoom admins, or Zoom users with the developer and integration permissoin can create / use a JWT Token, but that JWT Token can call any of the Zoom API endpoints for your account.

If you want to share your integration outside your Zoom then create an Account Level OAuth App.

If this integration is only meant to be internal to your own Zoom account and users, then create a JWT App.

Because one JWT is all you need to call any endpoint for your Zoom account. :slight_smile:

Thanks,
Tommy

But I am a basic user with free license type. I am able to create a JWT application and use JWT token. But when I call “Masters API” I get
{
“code”: 124,
“message”: “Invalid access token.”
}

Token was picked up from app credentials section from the JWT app.

Is this because I don’t have developer or integration permission?
FYI the same token works with User API. I can fetch users list.

Hey @hedaoo.abhishek1993,

In order to use the Master Account APIs, you need to have an ISV plan. You can contact isv@zoom.us for details.

Sorry for the confusion, we will add more info to the Master API docs.

Thanks,
Tommy

1.In order to use the Master Account APIs which app is recommended ? JWT or OUTH app
2.Please consider App to be used outside organisation to access Master Account APIs

Hey @cms_test,

You can use either OAuth or JWT depending on your use case.

Did you submit a request in the app marketplace? If so, we will get to your publishable URL request as soon as possible.

Thanks,
Tommy

Thanks Tommy for the reply. Can you please answer
1.Are Master api endpoints accessible by using grant type=client_credentials?
2.Can we publish JWT app?

Hey @cms_test,

The answer to both is no.

That being said, you can use the Master API endpoints with a JWT Token.

Thanks,
Tommy

1 Like