I’m building a Zapier integration using Zoom’s SMS API (POST /phone/sms/messages) and encountering Error 135 when trying to send SMS on behalf of other users in our organization.
Current Setup
-
App Type: Admin-managed
-
Scopes:
user:read:adminandphone:read:sms_message -
Authorization: Done by Zoom account admin
-
API Endpoint:
https://api.zoom.us/v2/phone/sms/messages
What Works
-
Sending SMS from the authenticated admin user’s phone number works perfectly -
API authentication is successful
-
Basic SMS functionality is working
What Doesn’t Work
-
Sending SMS on behalf of other users in the same Zoom account returns Error 135 -
Using other users’
phone_user_idin the sender object fails
Request Body Structure
json
{
"message": "Test message",
"to_members": [
{
"phone_number": "+1234567890"
}
],
"sender": {
"user_id": "8umOrlLzSZmghxw6_lnYvw" // This is the phone_user_id from /phone/users
}
}
Key Details
-
User ID Format: I’m using the
phone_user_idfrom the/phone/usersendpoint, not the regular Zoomuser_id -
Same Account: The target user is in the same Zoom account as the admin who authorized the app
-
Phone License: The target user has an active Zoom Phone license and assigned phone number
-
Permissions: The app has admin-level scopes and was authorized by an account admin
Questions
-
Are additional scopes required for cross-user SMS sending beyond
phone:read:sms_message? -
Is there a specific permission or setting in the Zoom Admin Console that needs to be enabled?
-
Should I be using a different user ID format for the sender object?
-
Are there account-level restrictions that prevent admin apps from sending SMS on behalf of other users?
Error Response
json
{
"code": 135,
"message": "You cannot have access to another user."
}
Any guidance on the correct configuration for cross-user SMS functionality would be greatly appreciated!
Environment
-
Integration: Third-party (Zapier)
-
App Category: Admin-managed OAuth app
-
Account Type: Business/Enterprise with Zoom Phone