We have created a Zoom marketplace app called “Squire”.

At its core, Squire takes the recording of a video or phone call from Zoom and processes it in Squire to drive business results for the user.

The issue we’re running into is to do with permissions around recordings.

It is our understanding, based on the scope of the Squire App and from testing, that the Squire user needs to have the following permissions in Zoom for Squire to be able to access their video and phone recordings:
Phone Management - View
View the recording content - View
Recording management - View

The issue is that with these permissions turned on, the user can see every call that has been recorded through Zoom in that company and a lot of these calls are commercially sensitive. Allowing every user to see all call recordings is a security risk that the client is not comfortable taking.

It is my understanding that the Squire app should be able to retrieve an individual user’s video and phone call recordings without requiring that user to have permission to see all the recordings in the account.

Is that the case? Do we need to change how the app gets notified that the recording is complete (webhook) and accesses these recordings?

@rory,
Thank you for posting in the Zoom Developer Forum. Can you share how you are receiving the recording? Are you getting them via webhook or API? If API, you will want to get a user instead of an account. Here are the user API and Account:

User Call Logs (Will only return user call logs)

Account Call Logs (Will return all Account call logs )

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.