Missing scope when creating JWT application


When I create an OAuth App, there is “Scope” setting to control what the app can access and do. See the attachment.
Screen Shot 2020-06-03 at 3.31.24 PM

When I create a JWT app, there is no such setting for JWT app. See the screenshot. I wonder why this setting is missing from JWT app. It is kind of security concern that a JWT app can do anything without way to constrain it.
Screen Shot 2020-06-03 at 3.30.10 PM

Hello! Zoom team,

Can you help me on this?


I close this post since it seems that it is a feature that JWT doesn’t have scope.

Hi @heidi.zh.n, this is correct - JWT apps do not have restricted scopes. These apps are not tied to users, and are account-level credentials with access to any user on the account.