API Endpoint(s)
Create a recording registrant
POST /meetings/{meetingId}/recordings/registrants
Description
I am using Create a recording registrant.I noticed that the share URL provided in the response is accessible to other accounts. Even if I log in with a different account, I can still access the recording using this URL. This behavior is problematic as the registrant should be restricted to a single account.
Error?
Request JSON:
{
"email": "example@gmail.com",
"first_name": "ABC",
"last_name": "A",
"status": "approved"
}
Response:
{
"registrant_id": "w8GQ7pB5SlB0m8rhg",
"id": 99261738162,
"topic": "Zoom Meeting",
"share_url": "https://zoom.us/rec/share/rQrC8iy0tNcWQfkd_rA9S7_SorjVjkhnwbNaeYacPEVRPFupJ6U9fLgIgRdH_L5c.fKz6cQ40k5qMOw4A?tk=mCVEF-4_m-uGXz6geBW4Q8gWxreJfX0HKzpYw8sjrk0.AG.6ofU32N7MGvnapxMZvvK89sO7MRwqS5iUuFOa0OEevd-4TjTgIfl2JAD7b0rWcL1paFV4VGs7rXld7R9WGGaDdmZZ65t59ZtvWlBg5McuQU6WbbaLwyvkM0FVIuzvjyVHdIduUSiPvZPd_afxpObFgP79XteWc0b3j06.__dXuA1t1XJFXohdex4XuQ.S3EeVkuvWB-O32Cs"
}
Meeting Creation JSON:
{
"duration": 45,
"start_time": "2024-08-02T19:30:00",
"timezone": "Asia/Kolkata",
"auto_recording": "cloud",
"join_before_host": true,
"settings": {
"approval_type": 0
},
"type": 2,
"meeting_authentication": true
}
The API response status code is 200, but it is not working as expected. Please guide me on how to restrict access to the recording URL to a single account.
Thankyou
Hi @zoom.license1
Thanks for reaching out to us
Allow me to do some testing on my end and will get back to you with an update
Cheers,
Elisa
Hi @zoom.license1
Thanks for your patience here, I am trying to replicate this behavior but have been unable to.
Can you confirm that you are creating the meeting via API using this request body
{
"duration": 45,
"start_time": "2024-08-02T19:30:00",
"timezone": "Asia/Kolkata",
"auto_recording": "cloud",
"join_before_host": true,
"settings": {
"approval_type": 0
},
"type": 2,
"meeting_authentication": true
}
And are you starting the meeting and recording it? and once it is a past meeting, you are making a POST request to create a registrant.
Hi @elisa.zoom ,
Yes,I am creating the meeting throught API using same Request body and starting the meeting recording it and once its in past meeting and even the recording got completely saved in account I am creating registrant for it.
Meeting creation request body:
{
"agenda": "Title",
"default_password": false,
"duration": 45,
"start_time": "2024-08-13T16:30:00",
"password": 123456,
"timezone": "Asia/Kolkata",
"auto_recording": "cloud",
"join_before_host": true,
"jbh_time": 10,
"settings": {
"approval_type": 0
},
"type": 2
}
Add recording registrant request body
{
"email": "abc@gmail.com",
"first_name": "abc",
"last_name": "d",
"status":"approved"
}
Thankyou
@zoom.license1
Are you getting a response back when creating the recording registration? or are you just getting a 200 ok with no response body?
Hi @elisa.zoom,
Yes able to get the response like below but I noticed that the share URL provided in the response is accessible to other accounts. Even if I log in with a different account, I can still access the recording using this URL. This behavior is problematic as the registrant should be restricted to a single account.
{
"registrant_id": "w8GQ7pW9rBlB0m8rhg",
"id": 1234567867,
"topic": "Zoom Meeting",
"share_url": "https://zoom.us/rec/share/rQrC8iy0tNcWQfkd_rA9S7_SorjVjkhnwbNaeYacPEVRPFupJ6U9fLgIgRdH_L5c.fKz6cQ40k5qMOw4A?tk=mCVEF-4_m-uGXz6geBW4Q8gWxreJfX0HKzpYw8sjrk0.AG.6ofU32N7MGvnapxMZvvK89sO7MRwqS5iUuFOa0OEevd-4TjTgIfl2JAD7b0rWcL1paFV4VGs7rXld7R9WGGaDdmZZ65t59ZtvWlBg5McuQU6WbbaLwyvkM0FVIuzvjyVHdIduUSiPvZPd_afxpObFgP79XteWc0b3j06.__dXuA1t1XJFXohdex4XuQ.S3EeVkuvWB-O32Cs"
}
Thankyou
@zoom.license1 Thank you
I will send you a DM to get more information about this, please follow up there