Zoom Clinical Notes API

API Endpoint(s) and/or Zoom API Event(s)

List clinical notes

GET /v2/clinical_notes/notes

Authentication endpoint used:

POST https://zoom.us/oauth/token?grant_type=account_credentials&account_id=<REDACTED>

Description

The Clinical Notes feature is enabled for our providers in Zoom. However, the Clinical Notes API reports that the feature is not enabled and does not allow us to list or retrieve clinical notes.

Our Server-to-Server OAuth app has been granted the following scopes:

  • healthcare:read:list_clinical_notes:admin

  • healthcare:read:clinical_notes:admin

We receive the same error when listing notes for the account generally, specifying the authenticated user, or specifying a particular provider who has the Clinical Notes feature enabled.

Error

The API returns HTTP 400 with the following response:

{
  "code": 30001,
  "message": "Clinical note feature not enabled for this user."
}

How To Reproduce

1. Request an access token

Request

POST https://zoom.us/oauth/token?grant_type=account_credentials&account_id=<REDACTED>

Authentication method/app type

Server-to-Server OAuth app.

Result

HTTP 200

The resulting token includes these scopes:

healthcare:read:list_clinical_notes:admin
healthcare:read:clinical_notes:admin

2. List clinical notes without specifying an owner

Request

GET https://api.zoom.us/v2/clinical_notes/notes?page_size=1
Authorization: Bearer <REDACTED>

Result

HTTP 400

{
  "code": 30001,
  "message": "Clinical note feature not enabled for this user."
}

3. List clinical notes for the authenticated user

Request

GET https://api.zoom.us/v2/clinical_notes/notes?page_size=1&note_owner_user_id=me
Authorization: Bearer <REDACTED>

Result

HTTP 400

{
  "code": 30001,
  "message": "Clinical note feature not enabled for this user."
}

4. List clinical notes for a specific provider

The specified provider has the Clinical Notes feature enabled.

Request

GET https://api.zoom.us/v2/clinical_notes/notes?page_size=1&note_owner_user_id=<REDACTED_USER_ID>
Authorization: Bearer <REDACTED>

Result

HTTP 400

{
  "code": 30001,
  "message": "Clinical note feature not enabled for this user."
}

Could you clarify whether additional account-level, app-level, or user-level configuration is required before Clinical Notes can be accessed through a Server-to-Server OAuth app?