What permissions does a Zoom Access Token grant?

IsaacD · October 18, 2021, 8:40pm

I’m working on an application that helps users start their Zoom meetings without manually logging into Zoom. An hour before the meeting is scheduled to begin, we email the start_url to the meeting host.

If I understand correctly, the Zoom Access Token (ZAK) at the end of the start_url is what enables a user to start and host the meeting without logging in. Does the ZAK give the user any other abilities? For example, if a user who is not logged into the Zoom Client (desktop) or Zoom Web Client (at zoom.us) clicks a meeting’s start_url, will they then be able to update their account settings via either the desktop or web client?

will.zoom · October 21, 2021, 11:56am

Hi @IsaacD,

The ZAK token is used for starting/joining meetings. These will not allow users access to the Web UI on behalf of another account.

Let me know if this helps to clarify, thanks!
Will

system · November 20, 2021, 9:56pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ZAK token security - Redirecting user to `start_url` API and Webhooks	4	510	June 3, 2022
Meeting start without authentication API and Webhooks	7	3699	August 4, 2020
Starting meeting using personalised zak token for the user asking for credentials API and Webhooks	11	4120	March 17, 2022
Meeting host is unable to start meeting without signing in to zoom account API and Webhooks	2	981	September 17, 2020
Zoom Auto-login API API and Webhooks	6	4039	August 21, 2020

What permissions does a Zoom Access Token grant?

Related Topics