OAuth Changes in Meeting SDK 5.9

We have some questions about the change to OAuth with the 5.9 SDK. We do not have immediate plans to put our app on the Marketplace, which seems like a supported scenario based on the documentation. What is the maximum number of installs we can request under “Request to share this app outside this account”? Is that a fixed cap? If we request a certain number can we later request to add more?

I originally posted to the Mobile Meeting SDK forum put they recommended I post here.

Hi @jeremy.provost,

Thanks for reaching out about this, and good question.

I should clarify that the “Request to share this app outside this account” feature in our Marketplace is currently being revisited. At this time, apps will still need to undergo a functional/security review to be shared outside of the development account. (Just a word of caution, if you choose to use this URL instead of going through a formal app review using the “Submit” button).

The number of installs is intended to be small for a select number of beta testers. The approval is at the discretion of our App Review team, and we recommend keeping the number as small as possible for testing purposes.

If you need to make adjustments to this, it would need to be a new request in the future.


Thanks Will. Based on your reply it sounds like we would need to go through the App Marketplace if we want to continue to offer login in our mobile apps. Here are some questions we have about the Marketplace submission process based on reading the documentation:

The Submission Checklist item 8 mentions providing a reauthorization event URL for testing. As we are a mobile app exclusively using the in-app Meeting SDK with no server-side component, how would this be handled? What is the expectation here for an app of our type?

Item 13 about specifying an installation process, what would be the appropriate installation process for a mobile app that has no server-side component? It seems that a mobile app does not neatly fit into the requirements for either “From Marketplace” or “From your landing page”. Also, is it OK that there would be no configuration URL as all configuration would occur within the mobile app?

Should there be a deauthorization link from the mobile app if the user has authenticated?

The security attestation seems to be targeted at web apps as opposed to mobile apps. What is the implication to answering no to any of the questions?

What would the effect be to our existing mobile app users if our app initially fails Marketplace submission?


Hey @jeremy.provost,

Thanks for the reply and the additional context! Given your use case, I think it would be best for us to connect you with our marketplace team for some of these questions. Can I kindly ask that you email us directly at developersupport@zoom.us with these details and your use case, so that we can get you in touch and help point you in the best direction?


Thanks. I’ve sent an email with questions.