I am trying to pull operation logs via API. My confusion is with the scopes. If I try to pull the data (without the right scopes), the error message gives me a hint:
{“code”: 4700, “message”: “Invalid access token, does not contain scopes: [report:master, report:read:master].”}
The issue is that with full admin rights, I cannot see these scopes available for addition to the app.
I also noticed that other app types have differing scopes. “Build App”, for example, does have report:master, though I am using Server-to-Server OAuth which does not have that requirement.
So, what gives? Are some of the APIs not available consistently?
EDIT:
Update on this. This could be related to how those scopes tie into Role permissions. Interestingly, the role for my account did NOT have Server-to-Server Oauth App selected, but I was still able to make one. Selecting this permission for the role did not change the availability of the scopes for the app. There could be some combination of permissions that is needed to make the scope available, but I haven’t found any documentation on this yet.
Yes this could be part of is. Are you a user on the master account? Is the Manage subaccount role enabled for you? You can adjust role permissions with this guide.
I believe the account owner has to add these master level scopes, but if you’re able to answer the above, we can see if this is still true.
I have just been learning about that “master account” as well.
The wording in your screenshot has slightly different wording than this link Master Account API
The relationship of an individual “Owner” account and a Master account (if it exists) is still not entirely clear to me. If there is an Owner but no Master account, is the owner able to configure that, or does this need a discussion with a sales rep?
When I am referring to your Zoom account as a master account, that is the entire account(not any specific user).
You will need to speak with your Account Executive if you want to have your Zoom account converted to a master account. They would also be able to explain if there are any extra costs to this process.
Once you have your account converted, you will then need to make a subaccount. Subaccounts are completely and entirely separate Zoom accounts.
The Master account APIs may then be run to obtain data from your SubAccounts, but only the subaccounts. These APIs cannot be ran against your Master Account.
Please let me know what additional questions you have.
