Given the upcoming deprecation of the Zoom’s verification token in favor of using the x-zm-signature (Zoom API reference: Using webhooks), we wanted to inquire: If we make these changes, will this trigger a security check/review from Zoom? Do we need to resubmit our Zoom Marketplace app for approval? (We aren’t changing the endpoint itself, but only the verification process to ensure that the call did indeed come from Zoom.)
@charles.gigante.rev This will be an update request that your app will send to the marketplace review team. Since this is not a breaking change, it wont have to go through the review, however the marketplace team will still have to approve this for the changes to take effect.
That said, please note that validation (of your endpoint) and verification (of the events coming from zoom) are two different processes. While validation is mandatory (to receive events), verification is optional but highly recommended.