Hello 
,
We are building an integration, that allows users to analyze their own Zoom Phone calls. We have a working Admin-Managed app, but for security and ease of adoption, we are moving to a User-Managed (OAuth) model to follow the principle of least privilege.
The Issue: To import the call, we need the download_url or file_url for the phone call recording. We are currently trying to use: GET /phone/call_logs/{id}/recordings
Even when the authenticated user is the one who made the call/recording, this endpoint returns a 400 (Error 105): “Authenticated user has not permitted access to the targeted resource,” unless the user has Account Owner or Admin privileges.
We noticed that checking the box “Allow this app to use my shared access permissions” during the OAuth flow can bypass this, but that option isn’t available or intuitive for standard “Member” level users.
Our Questions:
-
Is there a user-level endpoint (similar to
/meetings/{id}/recordings) that allows a non-admin user to retrieve thedownload_urlorfile_urlfor their own personal phone recordings? -
If not, what is the recommended workflow for a User-Managed app to download a recording file without requiring the user to be a Super Admin or manually configuring “Shared Access Permissions”?
Thank you