What scope causes the "Calendars: May include access to calendar..." in the list of permissions?

What scope or features is triggering this message on the Marketplace page of our Zoom app?

Calendars
May include access to calendar of scheduled Zoom meetings and webinars, and related details about those meetings and webinars.

Thank you for posting in the Zoom Developer Forum. Great question, can you share which scopes you have enabled in your Zoom App? It is likely a meeting scope, but it is difficult to tell without seeing which scopes are enabled for your app.

Thanks for your response!

Scopes:

  • marketplace_entitlement:read
  • zoomapp:inmeeting
  • zoomapp:inwebinar
  • user:read

Not seeing the same results on my end, can you share a screenshot of the exact error message and steps to reproduce it?

This is the screenshot of the marketplace page (I am not able to upload an image, so I am using Gyazo to host the file):

Any idea which permission is causing the message?

Hello,

at Upheal we are facing similar question from our customers - why May include access to calendar of scheduled Zoom meetings and webinars" is shown at the Marketplace app page (App Marketplace)

We do not use any calendar/scheduling-related data, and it’s not clear which scope triggers this.

Our scopes:

  • meeting:read
  • meeting:write
  • recording:read
  • recording:write
  • user:read
  • zoomapp:inmeeting

@aymericg-ext looks like we share the last two, did you try removing them? Or other attempts to resolve this?

cc @donte.zoom your help is much appreciated, this is really important for building trust with our customers.

Thank you.

I’m with you, the message is misleading. The only thing that could trigger it is the meeting scopes. I’ll look into this internally and get back to you soon.

CC: @vojta_upheal @aymericg-ext

1 Like

@donte.zoom Could you please post some update? Thank you!

@vojta_upheal ,
Just did some testing and it looks like the meeting:read:meeting scope triggers that:

Thank you @donte.zoom for confirming this.

I looked into details of our application and we currently require the meeting:read scope, just to support webhook for our Zoom app, informing about “End meeting” event

It seems quite unfortunate to communicate we will access customer’s full calendar/schedule, when in fact we don’t need it at all, and we don’t read/store that info.

Would it be possible to consider making these scopes more granular so we can pick just a reduced scope for the webhook?

Thank you for sharing your feedback. We understand your concerns about the ‘meeting:read’ scope and how it might be perceived in terms of accessing customer’s full calendar/schedule. Please rest assured that I’ll be bringing this up internally for further discussions. While I can’t promise immediate changes, your input is valuable and will certainly be considered as we continually work to improve our developer products. We appreciate your understanding and patience.