Using create APP on Zoom can we have multi-tenant Application and authenticate all zoom users associate with tenant

Description
Using create APP on Zoom can we have multi-tenant Application and authenticate all zoom users associate with a tenant.

We want to develop the JavaScript Plugin Application based on multi-tenant architecture by using the zoom API, yes we know that your team exposed one API endpoint to collect the list of external contact by using the OAuth token but the problem is that we can’t generate OAuth Token without the Authorization Code from a javascript function. If your team will expose the API endpoints to generate OAuth Token by using the user’s details.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth

Which Endpoint/s?

Hey @aakashp,

Thank you for reaching out to the Zoom Developer Forum. If you create an account-level OAuth app on your master account, each sub-account can then access the OAuth app that you created. You can then use the Master Account User APIs to obtain information for users on each account.

Let me know if I’m understanding your inquiry correctly and if that helps.

Thanks,
Max

Hi @MaxM

Yes, you are understanding correctly my problem but the behaviour of creating an account-level OAuth app is same as user-level OAuth app. Actually, I want to get whole OAuth token generation process through JavaScript functions because as you are aware, we need authorization code to generate OAuth Token and this authorization code is sending over the registered domain URL that’s why we can’t write javascript functions to generate OAuth Token.
Could you please help me to figure it out?

Thanks
Aakash

Hey @aakashp,

Just to clarify, are you looking for the ability to programmatically authorize an OAuth app for an account/user without their interaction? This wouldn’t be possible as an integral and intentional part of an OAuth flow is obtaining direct authorization from the user. You mentioned that one of the issues is that the code is sent back via the redirect_uri provided. What issues are you encountering there specifically? You should be able to change the redirect_uri to a domain that you manage if you need JavaScript to act on the code.

Alternatively, If all the users are on the same account, you could use a JWT token and use that to call the Master Account APIs for all of the sub-accounts that you have.

Let me know if that helps.

Thanks,
Max

Hi @MaxM

Thanks for your reply!

As per your comment, I just want to confirm that is master account will work as a company account? Is in that account, all the users list will accessible for all registered users?
I hope that you got a clear idea about our objective but let me clear one more time, our focus to get all external user’s contact list from individual user account from JavaScript function because we don’t want to show all registered user list to joiniee users.
Our app (plugin) will serve for an individual user to interact with their external contacts, not for others.

We tried to get external contacts list by using JWT Token. The API endpoint was https://api.zoom.us/v2/users but it returns only a single user which has generated the JWT Token.

Could you please guide us?

Thanks
Aakash

Hey @aakashp,

Thank you for providing additional information. If you’re looking to get a list of all users on a master account, you would need to call the Master Account APIs. However, based on your latest response, it sounds like you are looking to obtain external contacts for a user. In order to obtain external contacts, you’ll want to call the List User’s Contacts API API with a type of external.

Let me know if that helps.

Thanks,
Max