Zoom app requirements for sharing app outside this account

Zoom Apps
1

Hi!

I’m building a zoom app, before I publish it on the Marketplace I want to enable it to a few of my company’s alpha-testing partners.

For this I’m selecting the “Request to share this app outside this account” option during my Marketplace submission.

How many of the technical / security requirements are necessary before doing this stage? From my attempted submissions, the following issues have been raised:

  • Evidence of enforcing secure coding practice based on industry standards like OWASP
  • Evidence of DAST (Dynamic Application Security Test)
  • Evidence of 3rd Party Application penetration testing. If available, how often and what
    tool/vendor.
  • Evidence of published privacy and security policy
  • Evidence of Vulnerability management policy or procedure
  • Evidence of infrastructure/dependency management policy or procedure for patching systems and updating dependencies
  • Evidence of an incident management process or procedure

I just wanted to verify if all of these are necessary at this stage, as for example comprehensive 3rd party pen testing can be expensive / time consuming to set up, and I would want to verify that we are doing so through a vendor / certification that Zoom accepts.

Thanks,
Tom

2

Hi @tom-glyphic
Thanks for reaching out to the Zoom Developer Forum and welcome to our community! I am happy to help here!

To be able to share your app with users outside of your account you will need to submit your app for a Publishable URL request:

https://marketplace.zoom.us/docs/guides/publishing/sharing-private-and-beta-apps/

But if the users you are trying to share the app with, belong to the same account as you, you should be able to share the Testable URL with them.

Hope this helps,
Elisa