Possible for non-developer/admin to access their own detailed meeting reports?

Description
It seems that getting a bearer in order to access participant emails, time in, time out, etc requires an admin or developer level account.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT (open to using OAuth but it seems detailed reports are not accessible except for admin)

Which Endpoint/s?
Google Sheets API

How To Reproduce (If applicable)
Steps to reproduce the behavior:
I’ve been using JWT with success as follows:
var requestOptions = {
method: ‘GET’,
headers: { Authorization: “Bearer xyz” },
};

var json = UrlFetchApp.fetch(“https://api.zoom.us/v2/report/meetings/” + id + “/participants?page_size=100”, requestOptions)

However, now I want to be able to share the same ability with teachers in other domains that are not admin or developer status. I could direct them to create their own bearer but they seem to not be allowed to create a JWT themselves. Is there any possible way for a non-admin or developer to link access to Sheets API and retrieve https://api.zoom.us/v2/report/meetings/" + id + "/participants. Of course, I can give my bearer to those in my domain but that won’t work for other domains, I assume.

This app has been really amazing and it would be such a shame if it can’t be shared outside the domain without admin approval. If not, is there a way for an admin to install it for all users in their domain or approve non-admin users in their domain to install it (it would have to be OAuth I assume)?

Thanks so much!

Hey @lgangler,

Thanks for reaching out about this, and good question. To clarify, JWT apps are account wide and you can only have 1. However, you can generate as many tokens as you’d like under your JWT app, and these tokens can operate independently of each other, for use within your account. Using the JWT credentials from your 1 JWT App (API Key and Secret), you can generate tokens programmatically—you might reference the libraries available on https://jwt.io for this.

Alternatively, if you wish to have several different, unique API credentials for users under your account, then a user-level OAuth App would be another solution.

Let me know if this helps to clarify,
Will

Hi @will.zoom thanks for you’re response!

I am wondering, though, about being able to give people from other domains access to their own accounts.

You mention a user-level OAuth but that would have to be admin right because the scope I request is admin-level?

Best,
Luke

Hey @lgangler,

That’s correct. As the Get Meeting Reports API has a report:read:admin scope, you’ll want to use an Account-Level app to access it:

image

Let me know if you have any questions.

Thanks,
Max

Thanks @MaxM!

So let’s say user-A is an admin of their domain and user-B is a regular user in that domain. Only user-A can install the account-level app. How, then, does user-A give user-B access? Or is it that there is no way for user-B to access report:read:admin even with some sort of permission or installation on the part of user-A?

Hey @lgangler,

Good question! In this case, user-A would install the App on the account and it would then be able to make admin scoped API calls on behalf of the account. You would then be able to request information about user-B as long as they are under that account but you wouldn’t be able to make requests on their behalf.

Thanks,
Max