Zoom App + OAuth integration to access meeting participants

Zoom Apps
1

Context

We are building a Zoom App that requires the email addresses of the meeting participants of a live meeting. The email is used on the backend as a user’s unique identifier, with the email we can retrieve their profile.

From the Zoom App, there is no way to access the emails. The only way we were able to get the emails is through an account-level OAuth integration with dashboard_meetings:read:admin scope using the endpoint “List meeting participants”. So we created an OAuth app that accesses the API from the backend. The API endpoint requires the meetingId

We are using the JS SDK, which has a method getMeetingUUID to get the meetingId to be used in the OAuth app.

Question
We have all the pieces we need but we don’t know how to connect them. The way we expect it to work is that an end-user from a Zoom Client installs the Zoom App:

  1. An in-client OAuth process is started
  2. Once approved we get the meetingId
  3. Send the meeting ID to the backend
  4. The backend (OAuth app) uses the meeting ID to get the meeting participants from the Zoom API
  5. Send back the list of meeting participants
  6. Display the profiles of the meeting participants in the Zoom App

The problem is that in step 4 an admin has to install the OAuth app and approve the permissions to access the API, in most cases the admin is a different user and in some cases, the end-user doesn’t have admin permissions.

So we have two different apps (Zoom App & OAuth App) with different scopes and access tokens.

We are thinking of “making the connection” using the account_number or account_id that can be obtained from the JWT tokens and the API. That is, our clients have to install the OAuth app first, we store the access token with the account_id, then their users can install the Zoom App, with the account_id from the JWT token of the Zoom App (aid) we can retrieve the access token used for the OAuth app and do the request.

Looks like the account_id is the identifier of a Zoom organization, it means that the app will only work for the same users of the same Org.

Do you think this is the way to go? Or is there another way to do this?

Thanks!

2

This is correct!

This is not an officially supported or documented workflow, but please test and share your findings.

4

Hi @gianni.zoom ,

We were able to complete the integration as described above. It works well for users within the same organization.

So, we ended up with two apps, the Zoom App and the OAuth app. The OAuth app is used to get permission from admins to access the meeting participants using the dashboard_meetings:read:admin, the admin approves it, we store the token, and that’s it.

Since the Zoom App depends on the OAuth app to work, should we submit both apps to the marketplace? I’m asking because it might be confusing to have two apps with the same name that must work together. The OAuth app by itself doesn’t do anything, it’s like a prerequisite for the Zoom App.

Thanks,
Victor

1 Like
5

Hi @cortexht , hmm I recommend posing this question in App Marketplace where our application reviewers will be able to give you a better answer!

It seems like you need to publish both though, since they’re dependent upon each other.