Server‑to‑Server OAuth tokens are scopeless; archive API demands unavailable ‘master’ scope

Hello, Zoom support.

We need guidance on Server-to-Server OAuth behavior affecting our automation.

App type and status

• Server-to-Server OAuth, internal, account-level, not published.

API Endpoint(s)

• GET /v2/accounts/me/recordings
• GET /v2/accounts/me/archive_files

Description

• Internal, account-level Server-to-Server OAuth app. Access tokens decode as type=3 with no scopes, so configured recording scopes don’t apply.
• For the same date range, Zoom UI shows ~99 recordings but /accounts/me/recordings returns ~20.
• /accounts/me/archive_files fails because it requires archiving:read:list_archived_files:master, which is not available to select in the Scopes UI.
• Goal: programmatically retrieve all recordings (including archived) across the account to power an automation.

Error

• archive_files: 400 Bad Request
  {“code”:4711,“message”:“Invalid access token, does not contain scopes:[archiving:read:list_archived_files:master].”}
• recordings: 200 OK but total_records ~20 while UI shows ~99 for same dates.
• Token detail: JWT decodes as type=3 with no scopes claim.

How To Reproduce

1. App type: Server-to-Server OAuth (account-level, internal). Select recording read scopes (admin/master variants) in Scopes UI; click “Done Adding Scopes”; activate app.
2. Auth: POST oauth.zoom.us/token with grant_type=account_credentials (no scope parameter); use returned access token.
3. Decode token: header/payload show type=3, no scopes.
4. Requests (examples):
   • GET https://api.zoom.us/v2/accounts/me/recordings?from=2025-03-13&to=2025-07-23&page_size=300
     Headers: Authorization: Bearer
   • GET https://api.zoom.us/v2/accounts/me/archive_files?from=2025-03-13&to=2025-07-23&page_size=300
     Headers: Authorization: Bearer

Questions

1. How can we obtain scoped Server-to-Server tokens for recording endpoints (avoid type=3/no-scopes)?
2. Does /archive_files require Compliance Archiving or other provisioning? If yes, what is the exact enablement path?
3. Which account/role/Marketplace settings must the Owner enable so an Admin can retrieve all users recordings (including archived) programmatically?

Best regards,
Goran Carevic

Hi developmentjatheon,

Do you have The Meeting and Webinar Archiving feature enabled for your account? This needs to be done by Zoom support. You’ll likely need to have this enabled before the archiving:read:list_archived_files:master scope will be visible in the Scopes UI.

I also have a suggestion regarding listing all recordings in your account. Instead of using the /v2/accounts/me/recordings, I would suggest that you iterate over your list of users and call the List All Recordings API for each user. This should get you the full list of recordings for all users in your account.