Description
It seems that getting a bearer in order to access participant emails, time in, time out, etc requires an admin or developer level account.
Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT (open to using OAuth but it seems detailed reports are not accessible except for admin)
Which Endpoint/s?
Google Sheets API
How To Reproduce (If applicable)
Steps to reproduce the behavior:
I’ve been using JWT with success as follows:
var requestOptions = {
method: ‘GET’,
headers: { Authorization: “Bearer xyz” },
};
However, now I want to be able to share the same ability with teachers in other domains that are not admin or developer status. I could direct them to create their own bearer but they seem to not be allowed to create a JWT themselves. Is there any possible way for a non-admin or developer to link access to Sheets API and retrieve https://api.zoom.us/v2/report/meetings/" + id + "/participants. Of course, I can give my bearer to those in my domain but that won’t work for other domains, I assume.
This app has been really amazing and it would be such a shame if it can’t be shared outside the domain without admin approval. If not, is there a way for an admin to install it for all users in their domain or approve non-admin users in their domain to install it (it would have to be OAuth I assume)?
Thanks for reaching out about this, and good question. To clarify, JWT apps are account wide and you can only have 1. However, you can generate as many tokens as you’d like under your JWT app, and these tokens can operate independently of each other, for use within your account. Using the JWT credentials from your 1 JWT App (API Key and Secret), you can generate tokens programmatically—you might reference the libraries available on https://jwt.io for this.
Alternatively, if you wish to have several different, unique API credentials for users under your account, then a user-level OAuth App would be another solution.
So let’s say user-A is an admin of their domain and user-B is a regular user in that domain. Only user-A can install the account-level app. How, then, does user-A give user-B access? Or is it that there is no way for user-B to access report:read:admin even with some sort of permission or installation on the part of user-A?
Good question! In this case, user-A would install the App on the account and it would then be able to make admin scoped API calls on behalf of the account. You would then be able to request information about user-B as long as they are under that account but you wouldn’t be able to make requests on their behalf.
