Using ZAK of Other Account

Hello, I’m Peter of XL8 who is developing EventCAT registered on Zoom Marketplace.

EventCAT is an app in which the conference host invites Zoom native bots to a meeting, listens to the participants’ voices in real time, writes down their voices on the app screen, and translates them into the desired language.

Here are some of the issues we’re experiencing.

When you create a zoom meeting, if you leave the “Only authorized users can participate” option on in Settings (PMI), the native bot will not be able to participate in the meeting. So in this case, the Zoom Access Key (ZAK) in the Zoom API, which allows the bot to join like an authorized user, allows the bot to join a meeting.

However, when a host using EventCAT invites a bot, it uses its own ZAK, and the bot with the same profile as the user participates. An update review of the EventCAT app has already been rejected once due to this issue.

So I’ve created a predefined bot account ( ) so that I can show you another profile as an alternative, and I’m going to use this account’s ZAK instead when the meeting host invites the bot.

Here’s the question.

1. Is there any way for the host to use ZAK of the account without OAuth authentication?

Access_token must be issued through user interaction to obtain ZAK. (OAuth) However, users who use EventCAT cannot get a ZAK because they cannot use the OAuth of their account.

So in a bit of a hacky way, we pre-received the refresh_token of the account, and we used this refresh_token to try to get the host ZAK without going through OAuth.

However, if you try to issue a token with the Client ID of the same Zoom App, it will expire even if you do not use all other access_token, refresh_token.

2. Or can’t you support me to change my name to custom even for bot invitations using ZAK?

3. If all this is difficult, is there a reason why bots with the same profile shouldn’t be invited to the meeting again?