JWT Authentication not recommended for 3rd Party Applications

simrankaurbal.khokk · April 13, 2021, 3:26pm

Using this template helps us debug your issues more effectively

Description
As per the documentation available at https://marketplace.zoom.us/docs/guides/auth/jwt there is a note stating that " All apps created for third-party usage must use our OAuth app type.".
What are the reasons for not using the JWT authentication mechanism for the 3rd party integration?
Also I did find documentation available for Azure and PingFederate integrations with zoom which use the JWT Authentication mechanism.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT

Which Endpoint/s?
User APIs

will.zoom · April 14, 2021, 2:16pm

Hi @simrankaurbal.khokk,

JWT authentication is intended for server-to-server integrations, as JWT apps are account-wide and can’t be accessed outside of the account they’re created under.

We require OAuth for integrations where you’ll need to access/manage external Zoom accounts—these apps must follow our submission process and be published publicly on our Marketplace so that users can understand what app and permissions they’re authorizing when leveraging your integration.

Let me know if this helps to clarify,
Will

system · May 15, 2021, 12:17am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
JWT Apps Security Concerns API and Webhooks	2	233	February 13, 2024
Automated Authorization from a third party app API and Webhooks	2	568	November 15, 2021
Can I integrate OAUTH with an existing JWT app? API and Webhooks	4	478	March 25, 2021
How to use JWT token integration with BS software which deployed on different client servers？ API and Webhooks	4	312	January 23, 2021
Steps to use API API and Webhooks	15	961	March 28, 2021

JWT Authentication not recommended for 3rd Party Applications

Using this template helps us debug your issues more effectively

Related Topics