Visitor Management - Get List of Visitors by Location Endpoint Doesn't Return Any Data

I can see in the Zoom Web Portal ((Admin → Workspaces Management → Invitations → History) that our organization has visitor invitations for 3-20-2025 thru 4-20-2025. I tried to include a screenshot here of those invitations but it wouldn’t let me.

However, when I make the API call below with a token with the correct scope of visitor_management:read:list_invitations:admin, I get null for the list of invitations rather than any data.

/visitor/invitation?from=2025-03-20T00%3A00%3A00Z&to=2025-04-20T00%3A00%3A00Z

The response has an HTTP status code 200 (indicating success), but no data is returned. Response contents:
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

Can someone help me understand how to get the data from this endpoint? I have scoured the documentation and forums and found nothing of any help. I have also tried many combinations of query string parameters with this endpoint and have not had any success.

Thank you.

Hey @jbus
Thanks for reaching out to us and welcome to our community!
Could you please pass the invite_location_id param in your query parameters and try again?

Thanks @elisa.zoom . I tried that with all possible location ids for our organization and again received http status code 200 but no data. Requests and responses are below though I replaced the actual IDs for our locations with [redacted]. If you need to see them can I message them to you privately somehow? Again I made sure that I can see actual invitations for this date range.

I got the location ids for the requests below from the /rooms/locations API endpoint and cross-checked them with the resource_id that I see in the query string in the address bar in the browser on those locations in the web portal (Admin → Workspaces Management → Visitor Management)

The invitations I see in this date range in the web portal should all be for our single building location. That building is set to “Allow visitors at this location” while all 4 floors under the building are set to not “Allow visitors at this location”.

/visitor/invitation?invite_location_id=[redacted]&from=2025-03-15T00%3A00%3A00Z&to=2025-04-11T00%3A00%3A00Z
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

/visitor/invitation?invite_location_id=[redacted]&from=2025-03-15T00%3A00%3A00Z&to=2025-04-11T00%3A00%3A00Z
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

/visitor/invitation?invite_location_id=[redacted]&from=2025-03-15T00%3A00%3A00Z&to=2025-04-11T00%3A00%3A00Z
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

/visitor/invitation?invite_location_id=[redacted]&from=2025-03-15T00%3A00%3A00Z&to=2025-04-11T00%3A00%3A00Z
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

/visitor/invitation?invite_location_id=[redacted]&from=2025-03-15T00%3A00%3A00Z&to=2025-04-11T00%3A00%3A00Z
{“next_page_token”:“”,“page_size”:30,“total_records”:0,“invitations”:null}

Additionally, I want to mention that the API docs don’t specify that the invite_location_id is a required query string parameter for calls to this endpoint.

Thanks Jared. @jbus
Could you please grab one tracking ID from the response headers from one request and share that with me so I can share it with Engineering team

I’d love to!

Here you go:
WEB_1309548c49250970570174a6e2b858a2

Thanks @jbus
I created an internal ticket for our Engineering team to look into this ( ZSEE-166555 internal ticket number for reference)

Great thank you @elisa.zoom !

Hi @jbus
Could you please try to follow the below steps and let me know if the issue gets resolved

To resolve the API data mismatch:

1. Adjust Timezones for from/to Parameters :-

The API uses UTC timestamps, while your Zoom web portal might display dates in your local timezone.

Convert your local dates to UTC.

For example:

If an invitation in the portal shows March 20, 2025, 5:00 PM PST (UTC-8), the UTC equivalent is March 21, 2025, 1:00 AM.

Update your API call: http:///visitor/invitation?from=2025-03-21T01:00:00Z&to=2025-04-21T01:00:00Z

2. Verify the Correct invite_location_id :-

Ensure you’re using the building’s ID where visitors are allowed.

Example: http:///visitor/invitation?invite_location_id=BUILDING_ID&from=2025-03-21T01:00:00Z&to=2025-04-21T01:00:00Z

Thanks for the suggestions @elisa.zoom . I have already accounted for both of those things with my previous testing with no success.

Before replying again here, I requested a Visitor Management license for my org and entered a test invitation of my own for 5/14/2025. I was able to retrieve this from the API. However, I can see in the web portal that there is another invitation entered by someone else coming up in June and cannot retrieve that from the API. Unfortunately, then I still have more questions than answers:

1. Is the API only returning invitations entered by me? I don’t know how or why it could or would since this is a server to server app and I’m using the admin scope that should be able to see everything for my org’s account.
2. Will the API only return data for a limited number of days in the future? I don’t know why that would be the case when the documentation doesn’t state this, however, I have seen it on the documentation for other endpoints like getting a workspaces reservations (only returns data 14 days into the future)
3. Will the API only return future invitations? Is this a default or is there a way to specify a type parameter or something to retrieve past invitations similar to the parameters on the meetings API endpoints to retrieve past meetings? Again I don’t know why this would be the case since the documentation doesn’t mention this. I have also tried guessing at type parameter values from my experience with other endpoints but have not had any success.
4. Will the API only return invitations with a certain status? Again I don’t know why this would be the case since the documentation doesn’t mention this.

I’ll be doing more testing on my end to see if I can figure anything more out here but if you can add any clarification on these things from your end it would be helpful.

Thanks!

@elisa.zoom

OK - I have done a bunch more testing and confirmed that I can get past and future invitations (including more than 14 days in the future and for different statuses) as long as I’m the host on the invitation. Any other invitations for other hosts, even if they are for the exact same location, visitor, date, time, and status, will not be returned from the API despite this being a server to server app making calls with a token with the visitor_management:read:list_invitations:admin scope.

Below are a bunch more tracking IDs from my testing. If your engineers look on your end you’ll see that the only data returned is where I’m the host. There are invitations there for the time periods and the location in my query strings from other hosts that are not being returned.

WEB_1bd82e4cb51128fad95b437a6f4d7f52
WEB_1bd82e4cb51128fad95b437a6f4d7f52
WEB_e0adb6bde2f23902dde06c80b3629837
WEB_5f4fad18694f55cf8cb42f4d38c15490
WEB_32ae8a4dce5ed4429727199c04687c42
WEB_32ae8a4dce5ed4429727199c04687c42
WEB_0e4f0305687c15c2df5a1e7606d301b1
WEB_19bb29095dbcd32d41d22b6d27d49141
WEB_f19455e7b87388eb2e31e48ddc870c82
WEB_65165c2a26de440d8eff1e025c27d80a
WEB_1bd82e4cb51128fad95b437a6f4d7f52

Thanks @jbus
I just shared this new information with our Engineering team and waiting to hear back from them

Hi @jbus
I just heard back from our Engineering team and they informed me that this issue because the Zoom user account tied to your OAuth token has a “Member” role (not an Admin/Owner), which restricts the API to returning only invitations where that user is the host.

To troubleshoot this please:

1. Assign an Admin/Owner Role to Your OAuth User
   Go to your Zoom Admin Portal → User Management → Users.
2. Tokens retain old permissions until a new one is regenerated. Create a new token after updating the user’s role.
3. Ensure your OAuth app has the visitor_management:read:list_invitations:admin scope selected (Admin → Marketplace → Your App → Scopes).

Thanks for checking with them @elisa.zoom, but unfortunately that doesn’t help.

1. I am already an Admin and have been since before I created the server to server OAuth app.
   
   

   I am an Admin Already1613×737 55.2 KB
2. Every time I run my app in Visual Studio during development it gets a fresh token.
3. As I have stated in my original post and my last post, my app does have the visitor_management:read:list_invitations:admin scope
   
   

   My app already has the correct scope1155×818 87.6 KB

All that being said I have started to wonder if there are somehow additional permissions in the admin portal that need to be granted somehow since I have also encountered a 403 error on a Phone API endpoint and that seems to be a common problem/solution there from the developer portal posts I’ve been reading. However, when I checked our Admin role it seems to have all the visitor management permissions I can find.

Admin Role Visitor Management Access 11456×670 40.2 KB

Admin Role Visitor Management Access 21495×813 39.2 KB

Thanks @jbus
I shared your findings with my team. I will update you as soon as I hear back from them

Hi @jbus
Thanks for your patience here. I was informed that we recently added a new field to our endpoint, data_scope.
Could you please try adding the query param data_scope=account and let me know if that fix the issue?
I am confirming with the documentation team to check if this is available in our Docs

Thanks, @elisa.zoom . That was what I needed. By including data_scope=account I can now see other people’s invitations as expected. That is not specified in the documentation for this endpoint, but I trust you’ll get that updated.

I have made a request to the Docs team now @jbus
I will keep my eye on it to make sure its updated