OAuth App Sopes - access control

I am setting up an integration with Rainfocus to allow Zoom meetings and webinars to be created from their event management platform in our account.

I only want them to have access to Zoom meeting/Webinar data created from their platform, but not data from all meeting conducted on our Zoom account

Currently they are requesting:


  1. What are the right scopes for allowing their platform to Create meetings in our account and collect user and reporting data from those meetings, without accessing all user data?


@zmalay ,

Welcome to the Developer Forum ! You’ll want to give read access for the user and report scopes and write access for creating meetings. Please see our OAuth help documentation which offer detailed explanation of the OAuth scopes

understood, as I have read this document. Rainfocus is requesting Admin Level scope access, would it be better to give them user level scope?



Would this limit them to only meeting they create as a single user?

I just noticed in the documentation that these scopes are not available:


And, although meeting:write & webinar:write are in the documentation, they are not available options in the OAuth APP.


Apologies for the confusion, there is user: read but not admin: read scope. No user-level scopes for reports. Only account or admins apps can access report data.

Screen Shot 2022-06-30 at 12.55.22 PM

Currently, the OAuth scopes do not support the kind of granularity where the App will only have access to Zoom meeting/Webinar data created from their platform. If granted the scope access, the App will have access to all meetings conducted on your Zoom account.

1 Like

ok thank you. I did notice that, and i noticed that I didnt have any user level options for meeting:write or webinar:write.

apparently, this is due to the “account-level” OAuth APP

is there away to change this? or would I need to create another app?

Correct, please see screenshots of user-managed OAuth scopes.



1 Like