Unable to Retrieve Chat Messages with User-Managed App Despite Correct Scopes and API Compliance

Dear Zoom Developer Support and Community,

I hope this message finds you well. I'm encountering an issue with my User-Managed Zoom App where I'm unable to retrieve chat messages, despite having the necessary scopes, successful API calls, and adhering to rate limits. I'd greatly appreciate any insights or assistance you could provide.

App Details:
- Type: Global App (User-Managed)
- Main Functionality: Chatbot for Zoom Chat

Current Behavior:
1. The app successfully authenticates and obtains access tokens.
2. Sending messages to both personal chats and channels works correctly.
3. Listing channels and retrieving channel IDs is successful.
4. However, when trying to retrieve messages (both personal and channel), the API returns an empty list, despite messages being present.

Expected Behavior:
The app should be able to retrieve recent messages from both personal chats and channels.

Steps to Reproduce:
1. Authenticate the app and obtain access token using the OAuth 2.0 flow.
2. Call the GET /chat/users/me/messages endpoint with appropriate parameters for both personal messages and channel messages.
3. Observe that the response is always an empty message list for both types.

Code Snippet (Python):
```python
def get_channel_messages(channel_id: str, config: Dict[str, Any], start_date: Optional[datetime] = None, page_size: int = 50, next_page_token: Optional[str] = None, is_personal: bool = False) -> Tuple[Optional[List[Dict[str, Any]]], Optional[str]]:
    try:
        access_token = token_manager.get_access_token(config)
        url = "https://api.zoom.us/v2/chat/users/me/messages"
        headers = {
            'Authorization': f'Bearer {access_token}'
        }
        params = {
            'page_size': page_size,
            'start_date': (start_date or datetime.utcnow() - timedelta(days=7)).isoformat()
        }
        if is_personal:
            params['to_contact'] = channel_id  # For personal messages
        else:
            params['to_channel'] = channel_id  # For channel messages
        if next_page_token:
            params['next_page_token'] = next_page_token

        response = requests.get(url, headers=headers, params=params)
        logging.info(f"API Response: Status {response.status_code}, Content: {response.text}")

        if response.status_code == 200:
            data = response.json()
            messages = data.get('messages', [])
            next_page_token = data.get('next_page_token')
            return messages, next_page_token
        else:
            logging.error(f"Error retrieving messages: {response.status_code} - {response.text}")
            return None, None
    except Exception as e:
        logging.error(f"Error during API call to retrieve messages: {e}")
        return None, None

API Responses:

1. For personal messages:

1{
2    "date": "2024-10-24",
3    "page_size": 50,
4    "next_page_token": "",
5    "messages": []
6}

2. For channel messages:

1{
2    "date": "2024-10-24",
3    "page_size": 50,
4    "next_page_token": "",
5    "messages": []
6}

API URLs Used:

1. OAuth 2.0 Authorization: Error - Zoom
2. Token Exchange: https://zoom.us/oauth/token
3. Refresh Token: https://zoom.us/oauth/token
4. Get Messages: https://api.zoom.us/v2/chat/users/me/messages

Scopes Used: team_chat:read:user_message, team_chat:read:list_user_messages, team_chat:read:channel, team_chat:read:list_user_channels, chat_message:read, imchat:userapp (among others)

Troubleshooting Steps Taken:

1. Verified all required scopes are enabled.
2. Confirmed successful authentication and token retrieval.
3. Tested with various time ranges (up to 7 days).
4. Verified that messages exist in the tested channels and time ranges.
5. Checked logs for any errors (none found, all requests return 200 OK).
6. Tested with both user_id and member_id as per the March 2023 API updates.
7. Ensured compliance with API rate limits (staying well below the limits).

Additional Information:

• We’ve implemented the changes from the March 2023 update, using member_id instead of user_id where applicable.
• Our application strictly adheres to the API rate limits, making significantly fewer requests than the allowed maximum.
• We’ve tested retrieving messages for both personal chats (using ‘to_contact’) and group discussions (using ‘to_channel’), but both return empty lists despite messages being present.

Questions:

1. Are there any known issues with retrieving messages for User-Managed apps?
2. Could there be any account-level settings affecting message retrieval?
3. Are there any additional scopes or permissions required that I might be missing?
4. Is there a difference in how personal messages and channel messages should be retrieved?
5. Are there any specific headers or parameters we should include that aren’t documented?

Any assistance or guidance would be greatly appreciated. I’m happy to provide any additional information, logs, or conduct further tests if needed.

Thank you for your time and support!

Best regards,

Dear Zoom Developer Community,

I hope this message finds you well. I wanted to provide an update on the issue I previously reported regarding the retrieval of chat messages with a user-managed app.

Current Status:
We’ve made some progress, but we’re still facing some peculiar limitations. Here’s a summary of our current situation:

1. Chat Message Retrieval:

   • We can now successfully read messages, but only if the chatbot sends messages to itself. It seems our chatbot is quite the soliloquist!
   • We can also retrieve these self-sent messages if we query for the chatbot’s messages (returning a non-empty 200 response).
   • However, we’re unable to retrieve any messages sent by other users to the chatbot, messages in group chats, or messages between other users.

2. Webhook Events:

   • We’re receiving webhook events, but they seem to be limited to events related to our chatbot only.
   • We do receive presence status updates for our chatbot. At least it knows when it’s present, even if it’s not sure about anyone else!
   • We don’t receive events for messages sent to the chatbot by other users or for any other chat activities.

Technical Details:

• We’ve implemented webhook handling and HMAC signature validation.
• Our app has the necessary scopes: chat_message:read, chat_channel:read.
• We’re using the Zoom Chat API endpoint: hxxps://api.zoom.us/v2/chat/users/me/messages
• Webhook events are being received and processed correctly for the limited scope mentioned above.

Questions:

1. Is there a specific configuration or permission needed to receive chat messages and events for all users, not just our chatbot?
2. Are there any known limitations for user-managed apps regarding chat message retrieval and webhook events?
3. Is there a way to expand the scope of webhook events we receive to include all users in our organization?
4. Is our chatbot supposed to be this… self-centered? Or are we missing a crucial setting to make it more sociable?

We appreciate any insights or guidance the community can provide. If any additional information is needed from our end, please let me know, and I’ll be happy to provide it.

Thank you for your time and assistance. We’re looking forward to helping our chatbot break out of its bubble and join the larger conversation!

Hello Zoom Developer Community,

Following up on our previous post about chat message retrieval issues, we’ve made some progress but are still facing challenges. We’ve added the imchat:userapp scope to our user-managed app, but we’re unsure if we’re implementing user authorization correctly.

Quick questions:

1. Does imchat:userapp require specific user-level authorization beyond the initial OAuth flow?
2. Is there an additional step needed to prompt users to grant permission for reading their chat messages?
3. How can we verify if users have properly authorized our app to access their chat data?
4. Are there best practices for implementing user authorization for chat access in a user-managed app?

We’re trying to determine if our current authorization approach is correct or if we’re missing a crucial step in the process.

Any insights or guidance would be greatly appreciated.

Dear Zoom developers,

To overcome the difficulties with retrieving chat messages in our user-managed app, we have implemented the following solutions:

Targeted webhooks: We configured a limited number of webhooks to capture only essential events, reducing API requests and optimizing performance.

Responses via the user account: Chatbot responses are sent using the user’s account, with a tag indicating that it’s the AI speaking, just to reassure the user about their sanity.

Multi-user management: After some trial and error, we successfully implemented independent interaction management for each user through specific authentication.

Secure OAuth: Our authentication system meets confidentiality and user consent requirements without compromising security.

Automatic token refresh: Tokens are refreshed automatically, ensuring a continuous and uninterrupted experience.

Our solution mainly relies on the imchat scope for message handling and a minimalist webhook configuration to avoid overloading the API.

Lastly, thanks to the Zoom community for its “surprises” and challenges, which certainly added some spice to our development journey!

Hi @martossien - were you ever able to find a solution to getting messages in channels using the user auth app? I’ve also created a user auth app with the goal of pulling messages from specific channels that a service user account will be added to and while can confirm details like the other members of channels the account is a member of (also tested with my own account), getting the same blank responses you documented and have tried all the same troubleshooting steps you mentioned in your original post.
Appreciate any additional information you may have!
Thanks,
Adam

PS-I’m really surprised a Zoom dev team member did not respond to this post.

Hi @elisa.zoom - I’m new to working with Zoom Workplace and the API, but have seen your responses on several other posts. Was curious if you would be able to provide a response to the issues raised in this post on obtaining channel messages using a user auth general app where the user has been added to the channel. Have made successful calls to get the channel members, but very limited success on returning messages from channels.

Account level apps/scopes are not an option due to the broad access to all messages in the system without a way to limit access to sensitive/executive messages (at least based on what I’ve been able to find on the developer site and in a limited chat with Zoom tech).

Appreciate any info you can add.

thanks,

Adam

Providing an update to this issue on pulling channel messages using user auth general app. The API documentation Team Chat APIs under List User’s Messages indicates searches can be performed on either Date or From/To.

For date it states:The query date from which to retrieve the chat messages. This value defaults to the current date.

Note: If you do not provide the date or from query parameters, the API defaults to the date query parameter.

I was attempting to search using from/to, but apparently not doing so in the way the API liked. I eventually tried to run a search without the from/to criteria and instead used the date field for a single date and that is when I finally successfully returned data from the channel before the date the service user was added to the channel. From there then used a loop on the date query to rerun for every date within a date range I set.

FYI CC @elisa.zoom