Managed Domain - Switching Between Zoom Accounts

Description
Quick overview: I help manage an educational system’s Zoom account to a certain extent. We’ve recently created several sub-accounts with different security and functionality settings in each as was requested for specific departments.

Each semester we need to move users from master account into one of the sub-acccounts for courses that require the settings/functionality set in the corresponding sub-account. At the end of the semester we need to move those users back into main account.

API documentation states we cannot move user’s with a Managed Domain. Why is that the case? What is the proper/recommended way of moving users in a setting such as this?
I tested and was unsuccessful in moving a user from the main account and into either of the sub-accounts. I can move users from sub-account to sub-account, just not into or out of the master account.

Error
“code”: 1107,
“message”: “You can not disassociate a user with managed domain.”

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Internal App using JWT

Which Endpoint/s?
Switch a User’s Account - API Call

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Zoom master account with managed domains and SSO enabled
  2. Create sub-account within that master account
  3. attempt to move a licensed user (non-admin):
    from sub-account to master account OR from master account to sub-account

Additional context
We have Managed Domains enabled and SSO configured as is requested by our own InfoSec office for the main account and all sub-accounts.
Unfortunately, there is no wiggle room on removing those settings. We either have both enabled or we don’t have permission to use the product at the institution.

Hey @e_h67

Thanks for posting on the Zoom Devforum! I am still learning, but I will try my best to help answer your question. :slightly_smiling_face:

Checkout this related thread that may have the answer you are looking for:

If this thread did not help, please let us know by replying back here and someone from the Developer Relations team will get back to you shortly.

Thanks,
DeveloperBot

That thread did not help, it is not related to my question. Please forward to Developer Relations team, thank you.

Hey @e_h67,

That is correct, currently you cannot move users with managed domain.

I can see if we can support this in the near future if you’d like.

To understand your use case fully, why do you need to move the user accounts back and forth?

Can you just delete the users at the end of the semester and recreate them in the respective account when the time comes?

Thanks,
Tommy

Hello @tommy ,

Right, I get that the prerequisite of the call prevents me from using it in a managed domain. I am trying to understand why that is the case, who does this call end up benefiting?
Why would it not work with managed domains, we only have users from our domain accessing this service anyway, no external entity should be permitted through.

Yes, please, I would very much like to see if Zoom can support this call with managed domains. Also, I would like to know how I can have my sub-accounts (of the master w/ managed domain) also be managed. We only want University staff/faculty/students accessing any of our Zoom accounts.

After reviewing your suggestion of deleting the users, I am not so sure that is an option we’d like to go with as deleting the user will permanently drop their meetings/webinars/cloud recordings AKA historical data.
The work around of transferring that data for each student to a new user then transferring back when re-created does not seem ideal.

Our students are to have 24/7 access to their Zoom account via our University licensing throughout their collegiate career ranging up to 4 years, in some cases longer. The ability for them to keep their historical data is beneficial.

Any assistance is greatly appreciated, thank you!

Hey @e_h67,

Thanks for explaining your use case further. We will look into allowing a managed domain to move users. (ZOOM-196291)

I will get back to you with an update.

-Tommy

Hey @e_h67,

To clarify, will all the users you are trying to switch have the same email domain as the managed domain?

Thanks,
Tommy

Hello @tommy,

That is correct, all of our users within our master account and any of our sub-accounts will have the same email domain. Our master is the only account currently with the managed domain feature enabled. We weren’t able to enable it in any of our sub-accounts, another limitation :frowning:

Thank you!

Hey @e_h67,

Thanks for clarifying. We are looking into this.

-Tommy