Our company planning to publish an Oauth Zoom App. We research and learned that Zoom require a production environment for review. This is unwanted for us because our zoom related functions would create data that other end user could see. Display those data for specific user (ex: Zoom tester) is possible but would be risky as the impact in our code would be too large.
Arcording to this article: https://devsupport.zoom.us/hc/en-us/articles/9166723512589-Why-does-your-Marketplace-App-require-a-PRODUCTION-environment. Zoom recommend some options and one of them is:
- Staging Site, Production Client ID
- ONLY AVAILABLE IF YOUR STAGING SITE IS AN EXACT REPLICA OF YOUR PRODUCTION SITE.
But this is kind of brief. I have some questions about this method of app reviewing:
- What kind of staging site is considered “AN EXACT REPLICA OF YOUR PRODUCTION SITE”?
- If my app is approved under this method. How can I use it on my production environment? Because obviously all URL submit in this app is from staging environment.
- Is there any guide for this method of submit and reviewing app?
can someone from Zoom answer me please?
Hi @kwaku.nyante @virginie.zoom @catalina.diaz , can you either of you please tap in and assist here?
Hello @nguyen.thanh.tung-k
Sorry for the delayed response, in this situation staging or dev environments can be used for completing the review process, once that is completed you can submit an UPDATE request once you’ve completed your review process and update the environment, these requests are approved within 24hrs.
Now the reason we prefer a production-ready environment for Apps is because once we approve your app it is live on the marketplace so users will be able to install it since its live on the marketplace. Also when we test your Zoom Integration if you have not applied for an external authorization URL: Sharing Private and Beta Apps, our test is the first time most Integrations will be tested externally by going through functional and security review. When running the test we usually find limitations because of the given parameters you have you can only test your integration in your environment and within your Zoom account.
We do not have specific documentation, given every situation that needs this type of testing parameters are extremely different but once you submit, you can request a meeting and let us know the limitations and we can come up with a game plan to help review your submission within those restrictions.
1 Like
Hi @nguyen.thanh.tung-k, I would also like add to my colleague’s Kwaku’s explanation by sharing this post where we explain why Zoom requires testing in a Production environment: Why does your Marketplace App require a PRODUCTION environment?
Hope this helps as well!
@kwaku.nyante thanks for replying
in this situation staging or dev environments can be used for completing the review process, once that is completed you can submit an UPDATE request once you’ve completed your review process and update the environment, these requests are approved within 24hrs.
in this case, when we request UPDATE with production environment endpoints, do you guys need to login to our service and testing like the initial submit review?
because we expect to release zoom related function on production after this update so if you guys still testing updated app that way, we would have the same initial issues
Also when we test your Zoom Integration if you have not applied for an external authorization URL: Sharing Private and Beta Apps, our test is the first time most Integrations will be tested externally by going through functional and security review. When running the test we usually find limitations because of the given parameters you have you can only test your integration in your environment and within your Zoom account.
as I understanding, if you guys review on staging environment, the app is still considering intend for public, and we’ll mapping production credentials to staging endpoints
isn’t then external users (Zoom tester accounts) can still testing our staging environment, and you guys wouldn’t have this testing limitations?
We do not have specific documentation, given every situation that needs this type of testing parameters are extremely different but once you submit, you can request a meeting and let us know the limitations and we can come up with a game plan to help review your submission within those restrictions.
if you guys accept testing with this method, we wouldn’t have encounter any limitations
Hello, @nguyen.thanh.tung-k As I mentioned we do not know the limitations that cause this version of testing, and they haven’t been explained. We can test your app in your staging environment and you can make the changes once your app is approved. Once approved we will not re-test your re-submitted redirect urls however, we will click on them and make sure they work. We can engage you more once you submit your App then you can provide details on the limitation or we can discuss them in a meeting once your app is submitted.
Regards, Kwaku
Hi @kwaku.nyante
As I mentioned we do not know the limitations that cause this version of testing, and they haven’t been explained.
The reasons we don’t want to test on production environment:
- To use Zoom functions in our service, some data need to be created and they’re public to other end user to see and we don’t want this
- We also don’t want to spent more time to develop functions to restrict access to Zoom functions for testing accounts only or restrict only testing accounts could see their public data.
Once approved we will not re-test your re-submitted redirect urls however, we will click on them and make sure they work.
the redirect urls is part of Zoom-related functions. So we still need to deploy the functions to production before re-submitted?
We can engage you more once you submit your App then you can provide details on the limitation or we can discuss them in a meeting once your app is submitted.
when the app is submitted, how can we let you guys know the environment you guys gonna test is staging and we need discussing?
Also, I have another question. When the app is approved, does it immediately showing and installable on marketplace?
@kwaku.nyante Hi, Could you check my last message.
Thank you.
Hello @nguyen.thanh.tung-k as mentioned in all our documentation, once the App is Published the submitted state which we reviewed gets Published on the marketplace and is installable by anyone who has sufficient access.
We communicate through submissions so if you have something you want to let us know you include it in the release notes when you submit. if we have questions we ask them and you have the opportunity to respond to them via marketplace UI when the process begins.
Most the questions your asking are questions that are answered as you go through the submission process.
Regards, Kwaku
1 Like