Unable to Retrieve Chat Messages with User-Managed App Despite Correct Scopes and API Compliance

Dear Zoom Developer Support and Community,

I hope this message finds you well. I'm encountering an issue with my User-Managed Zoom App where I'm unable to retrieve chat messages, despite having the necessary scopes, successful API calls, and adhering to rate limits. I'd greatly appreciate any insights or assistance you could provide.

App Details:
- Type: Global App (User-Managed)
- Main Functionality: Chatbot for Zoom Chat

Current Behavior:
1. The app successfully authenticates and obtains access tokens.
2. Sending messages to both personal chats and channels works correctly.
3. Listing channels and retrieving channel IDs is successful.
4. However, when trying to retrieve messages (both personal and channel), the API returns an empty list, despite messages being present.

Expected Behavior:
The app should be able to retrieve recent messages from both personal chats and channels.

Steps to Reproduce:
1. Authenticate the app and obtain access token using the OAuth 2.0 flow.
2. Call the GET /chat/users/me/messages endpoint with appropriate parameters for both personal messages and channel messages.
3. Observe that the response is always an empty message list for both types.

Code Snippet (Python):
```python
def get_channel_messages(channel_id: str, config: Dict[str, Any], start_date: Optional[datetime] = None, page_size: int = 50, next_page_token: Optional[str] = None, is_personal: bool = False) -> Tuple[Optional[List[Dict[str, Any]]], Optional[str]]:
    try:
        access_token = token_manager.get_access_token(config)
        url = "https://api.zoom.us/v2/chat/users/me/messages"
        headers = {
            'Authorization': f'Bearer {access_token}'
        }
        params = {
            'page_size': page_size,
            'start_date': (start_date or datetime.utcnow() - timedelta(days=7)).isoformat()
        }
        if is_personal:
            params['to_contact'] = channel_id  # For personal messages
        else:
            params['to_channel'] = channel_id  # For channel messages
        if next_page_token:
            params['next_page_token'] = next_page_token

        response = requests.get(url, headers=headers, params=params)
        logging.info(f"API Response: Status {response.status_code}, Content: {response.text}")

        if response.status_code == 200:
            data = response.json()
            messages = data.get('messages', [])
            next_page_token = data.get('next_page_token')
            return messages, next_page_token
        else:
            logging.error(f"Error retrieving messages: {response.status_code} - {response.text}")
            return None, None
    except Exception as e:
        logging.error(f"Error during API call to retrieve messages: {e}")
        return None, None

API Responses:

  1. For personal messages:
1{
2    "date": "2024-10-24",
3    "page_size": 50,
4    "next_page_token": "",
5    "messages": []
6}
  1. For channel messages:
1{
2    "date": "2024-10-24",
3    "page_size": 50,
4    "next_page_token": "",
5    "messages": []
6}

API URLs Used:

  1. OAuth 2.0 Authorization: Error - Zoom
  2. Token Exchange: https://zoom.us/oauth/token
  3. Refresh Token: https://zoom.us/oauth/token
  4. Get Messages: https://api.zoom.us/v2/chat/users/me/messages

Scopes Used: team_chat:read:user_message, team_chat:read:list_user_messages, team_chat:read:channel, team_chat:read:list_user_channels, chat_message:read, imchat:userapp (among others)

Troubleshooting Steps Taken:

  1. Verified all required scopes are enabled.
  2. Confirmed successful authentication and token retrieval.
  3. Tested with various time ranges (up to 7 days).
  4. Verified that messages exist in the tested channels and time ranges.
  5. Checked logs for any errors (none found, all requests return 200 OK).
  6. Tested with both user_id and member_id as per the March 2023 API updates.
  7. Ensured compliance with API rate limits (staying well below the limits).

Additional Information:

  • We’ve implemented the changes from the March 2023 update, using member_id instead of user_id where applicable.
  • Our application strictly adheres to the API rate limits, making significantly fewer requests than the allowed maximum.
  • We’ve tested retrieving messages for both personal chats (using ‘to_contact’) and group discussions (using ‘to_channel’), but both return empty lists despite messages being present.

Questions:

  1. Are there any known issues with retrieving messages for User-Managed apps?
  2. Could there be any account-level settings affecting message retrieval?
  3. Are there any additional scopes or permissions required that I might be missing?
  4. Is there a difference in how personal messages and channel messages should be retrieved?
  5. Are there any specific headers or parameters we should include that aren’t documented?

Any assistance or guidance would be greatly appreciated. I’m happy to provide any additional information, logs, or conduct further tests if needed.

Thank you for your time and support!

Best regards,

Dear Zoom Developer Community,

I hope this message finds you well. I wanted to provide an update on the issue I previously reported regarding the retrieval of chat messages with a user-managed app.

Current Status:
We’ve made some progress, but we’re still facing some peculiar limitations. Here’s a summary of our current situation:

  1. Chat Message Retrieval:

    • We can now successfully read messages, but only if the chatbot sends messages to itself. It seems our chatbot is quite the soliloquist!
    • We can also retrieve these self-sent messages if we query for the chatbot’s messages (returning a non-empty 200 response).
    • However, we’re unable to retrieve any messages sent by other users to the chatbot, messages in group chats, or messages between other users.
  2. Webhook Events:

    • We’re receiving webhook events, but they seem to be limited to events related to our chatbot only.
    • We do receive presence status updates for our chatbot. At least it knows when it’s present, even if it’s not sure about anyone else!
    • We don’t receive events for messages sent to the chatbot by other users or for any other chat activities.

Technical Details:

  • We’ve implemented webhook handling and HMAC signature validation.
  • Our app has the necessary scopes: chat_message:read, chat_channel:read.
  • We’re using the Zoom Chat API endpoint: hxxps://api.zoom.us/v2/chat/users/me/messages
  • Webhook events are being received and processed correctly for the limited scope mentioned above.

Questions:

  1. Is there a specific configuration or permission needed to receive chat messages and events for all users, not just our chatbot?
  2. Are there any known limitations for user-managed apps regarding chat message retrieval and webhook events?
  3. Is there a way to expand the scope of webhook events we receive to include all users in our organization?
  4. Is our chatbot supposed to be this… self-centered? Or are we missing a crucial setting to make it more sociable?

We appreciate any insights or guidance the community can provide. If any additional information is needed from our end, please let me know, and I’ll be happy to provide it.

Thank you for your time and assistance. We’re looking forward to helping our chatbot break out of its bubble and join the larger conversation!

Hello Zoom Developer Community,

Following up on our previous post about chat message retrieval issues, we’ve made some progress but are still facing challenges. We’ve added the imchat:userapp scope to our user-managed app, but we’re unsure if we’re implementing user authorization correctly.

Quick questions:

  1. Does imchat:userapp require specific user-level authorization beyond the initial OAuth flow?
  2. Is there an additional step needed to prompt users to grant permission for reading their chat messages?
  3. How can we verify if users have properly authorized our app to access their chat data?
  4. Are there best practices for implementing user authorization for chat access in a user-managed app?

We’re trying to determine if our current authorization approach is correct or if we’re missing a crucial step in the process.

Any insights or guidance would be greatly appreciated.

Dear Zoom developers,

To overcome the difficulties with retrieving chat messages in our user-managed app, we have implemented the following solutions:

Targeted webhooks: We configured a limited number of webhooks to capture only essential events, reducing API requests and optimizing performance.

Responses via the user account: Chatbot responses are sent using the user’s account, with a tag indicating that it’s the AI speaking, just to reassure the user about their sanity.

Multi-user management: After some trial and error, we successfully implemented independent interaction management for each user through specific authentication.

Secure OAuth: Our authentication system meets confidentiality and user consent requirements without compromising security.

Automatic token refresh: Tokens are refreshed automatically, ensuring a continuous and uninterrupted experience.

Our solution mainly relies on the imchat scope for message handling and a minimalist webhook configuration to avoid overloading the API.

Lastly, thanks to the Zoom community for its “surprises” and challenges, which certainly added some spice to our development journey!