OAuth App Scopes - access control

I am setting up an integration with Rainfocus to allow Zoom meetings and webinars to be created from their event management platform in our account.

I only want them to have access to Zoom meeting/webinar data created from their platform, but not data from all meetings conducted on our Zoom account.

Currently they are requesting:
meeting:write:admin
webinar:write:admin
user:read:admin
report:read:admin

Question:

  1. What are the right scopes for allowing their platform to Create meetings in our account and collect user and reporting data from those meetings, without accessing all user data?

Thanks

@zmalay ,

Welcome to the Developer Forum! You’ll want to give read access for the user and report scopes and write access for creating meetings. Please see our OAuth help documentation, which offers a detailed explanation of the OAuth scopes.

Understood, as I have read this document. Rainfocus is requesting Admin Level scope access; would it be better to give them user level scope?

Example:

meeting:write
webinar:write
user:read
report:read

Would this limit them to only meetings they create as a single user?

I just noticed in the documentation that these scopes are not available:

user:read
report:read

And, although meeting:write & webinar:write are in the documentation, they are not available options in the OAuth APP.

@zmalay

Apologies for the confusion, there is user: read but not admin: read scope. No user-level scopes for reports. Only account or admins apps can access report data.


Currently, the OAuth scopes do not support the kind of granularity where the App will only have access to Zoom meeting/Webinar data created from their platform. If granted the scope access, the App will have access to all meetings conducted on your Zoom account.


OK, thank you. I did notice that, and I noticed that I didn't have any user level options for meeting:write or webinar:write.

Apparently, this is due to the “account-level” OAuth APP.

Is there a way to change this? Or would I need to create another app?

@zmalay,
Correct, please see screenshots of user-managed OAuth scopes.

Webinar

meeting
