Make /reports available with User-Level app, but limited to the auth'd user

edu_dev4 · June 18, 2020, 9:45pm

Currently to use the /reports API, your APP must be Account-level. This introduces some potentially serious security vulnerabilities.

Say we have 300 teachers in our district who run 7-10 meetings per day. We want these teachers to be able to look at advanced meeting report stats within our UI, but do not want them to be able to have admin access to our entire district Zoom organization. In particular, we don’t want them being able to invite, remove, or view any information about other users in the organization.

The simplest solution would be to allow the authenticated user to access their own reports, with a /me/ indicator. This has precedent in others areas of the API.

/report/meetings/me/{meetingId}/participants

Reference topic:

dmason · September 18, 2020, 6:05pm

I need this feature, as well.

It should be expanded to include webinar in addition to meeting reports.

heli · November 24, 2020, 9:49pm

I think this functionality would be pretty much appreciated for a daily basis user that is forbidden to an account-level app. As explained by @edu_dev4

gflora · June 7, 2021, 11:42pm

Having the ability to provide user-level reporting would be helpful for our institution as well.

Topic		Replies	Views
OAuth Reports API scope issue API and Webhooks	4	710	August 21, 2020
No user level scope for their own reports? API and Webhooks	2	417	December 3, 2020
Can I retrieve reports in a User-Managed app? API and Webhooks	6	1040	August 21, 2020
Adding report scope in multi user app with user managed app API and Webhooks webinar	6	686	January 11, 2021
How can i add scopes to OAuth application API and Webhooks	6	1225	August 21, 2020

Make /reports available with User-Level app, but limited to the auth'd user

Related Topics