Okta Workflows Zoom

I am able to read users using Okta Workflows Zoom app…
I was trying to make a Zoom custom API call GET /phone/users/{userId} from Okta Workflows and I was getting:
“code”: 104, “message”: “Invalid access token, does not contain scopes:[phone:read, phone:read:admin].”

How could I include the scopes [phone:read, phone:read:admin] into Okta Workflows Zooom app?

@srecko.anzic ,

Thank you for posting in the Zoom Developer Forum. To begin, can you clarify if you are creating a Zoom App Marketplace or OAuth App ? For both Marketplace app types, you will need to make sure you set the appropriate scopes. To do so, you would select the phone:read and phone:read:admin scopes for the App. The scopes are located on the Scopes Tab of the Marketplace App. Here is our help documentation on Adding Scopes to your Marketplace App for reference:


Hi Donte,

I think this is a Zoom app called Okta Workflows that we already have added.
I am just not sure how to add more scopes. When I go to the app and I go to Scopes tab I can’t find the button to add scopes.

Thanks for the clarifications @srecko.anzic ! It sounds like your user profile may not have the appropriate scopes. Can you share a screen shot of the message you are seeing ? Can share if you are trying to make an API call from Okta workflow to the Zoom Rest API Get a user's profile endpoint. Is that correct ?

Get a user's profile endpoint.


Okta workflow


Hi Donte, I am not sure if I follow what you are asking me to send you over.
Here is the error message that I get when I make a GET /phone/users/shRkpqUwREymX-uiyyUzFw

“retry_count”: 0,
“flo”: “zoom:1.0.60:customAPIAction”,
“method”: “8Jn_QAmWVIy”,
“execution”: “981457b5-e487-4e15-b4a2-ea48a91fbb70”,
“module”: “http.call”,
“kind”: “HTTP Request Error”,
“statusCode”: 400,
“headers”: {
“strict-transport-security”: “max-age=31536000; includeSubDomains”,
“x-zm-region”: “VA”,
“cf-cache-status”: “DYNAMIC”,
“connection”: “keep-alive”,
“report-to”: “{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgN562BoaCySnGYLCM%2F1zrKfYT2wL%2BmjJJQIVrnhNpTl%2F%2F%2BWF%2BpLRYh3gE2QqD1GB9DFJvm1E5YlYEoxDFDqgHcpbWpOtQEiQAlOagnegViszCnXzTCxOROTXzDC"}],"group":"cf-nel","max_age":604800}”,
“x-zm-trackingid”: “WEB_6c9e8de15662e9241b31c1c222f11cb8”,
“cf-ray”: “7a7709deeda60871-SEA”,
“content-length”: “102”,
“content-type”: “application/json”,
“date”: “Mon, 13 Mar 2023 20:31:06 GMT”,
“set-cookie”: [
“__cf_bm=17s8JV60A5UndS7vB0vDZ7KId0PgqQe7oQ1109kXyog-1678739466-0-AS8BqtqYIMp4ob9luiXIHtIwdNmM+toHHwrIqv8elhUf6oncWUV7yHcKr4I1OyZLJtBVNSsI0apNNeoR7d9DkMw=; path=/; expires=Mon, 13-Mar-23 21:01:06 GMT; domain=.zoom.us; HttpOnly; Secure; SameSite=None”
“server”: “cloudflare”,
“x-frame-options”: “deny”,
“vary”: “Access-Control-Request-Headers”,
“nel”: “{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}”
“body”: {
“code”: 104,
“message”: “Invalid access token, does not contain scopes:[phone:read, phone:read:admin].”
“message”: “400 Bad Request”,
“description”: “HTTP Request Error”,
“steps”: 28,
“source”: {
“flo”: “zoom:1.0.60:customAPIAction”,
“method”: “8Jn_QAmWVIy”,
“execution”: “981457b5-e487-4e15-b4a2-ea48a91fbb70”,
“module”: “http.call”