We are developing an app which will potentially be installed in organizations with a very large number of employees ( > 1000 ). The app is really meant to be used by a much smaller subset of these employees ~10. Our app is an account level app which requires permissions in admin scope. The behavior we are experiencing is that a normal user is unable to install the app or even seek pre-approval. Only an admin can install the app. This is ok, but when the admin installs the app, it becomes available for all users in the organization. Is there a way to limit the app availability to a group of users within the organization?
Hey @ps40,
I would suggest creating a User-Level app because this app will be installed on a per user basis, whereas an Account-Level app will be installed once at the Owner/Admin Zoom Account level for all users to use.
In order to limit which users can install the app, you can do this by setting up a role called something like “Allowed App Install” and giving them a permission that matches a scope on your app that other people don’t have.
Reference the “Missing Permissions for App Installation” section. You can use this to limit which users can install your app.
Here is an example on how to accomplish what you want,
As an admin, I pre approved the User Level App (in this case example, Infusionsoft).
Then I created 2 roles: “Allowed to Install App” and “Not Allowed to Install App”.
Here are the permissions each role has,
Allowed to Install App:
Not Allowed to Install App:
When the user with the “Allowed to Install App” role goes to the App Marketplace they can Install the app.
When the user with the “Not Allowed to Install App” role goes to the App Marketplace they can’t install the app (because they don’t have the correct permissions.
When I click to check which permissions are missing, I see this page:
Let me know if this helps!
Thanks,
Tommy
@Tommy thanks for the quick and detailed response. The problem is that we are creating a chatbot, which by default is an account level app. There is no way to change this. Thanks
Okay, since Chatbots are Account Level and accessible by everyone on your Zoom account, I would suggest adding logic to your API (that handles the requests from the Chatbot Endpoint URL).
When someone tries to use a slash command, compare their userId (in the payload) against a list of “allowed userIds” and if they are not in that list, then send a Chatbot message back saying something like “You do not have access to this application”.
Does this help?
-Tommy
@Tommy, yes that we have. We were hoping there was some way to prevent the app suddenly showing up on the Zoom client for so many users and the follow up questions. Thanks for the quick response.