Zoom Government App: You cannot authorize App

The issue is found with Zoom government.

We create an OAuth App on marketplace.zoomgov.com.
The zoom government account has been assigned as a member of Admin role.
When the account is under OAuth authorization, we get the following error (snapshot attached):

You cannot authorize App
You cannot install the app because you don’t have the required permissions. Please contact y our IT administrator for permission and try again.

This is the first time we use Zoom government account for the test.
We used to use normal Zoom account and we don’t have the problem.
We compare the OAuth app on government marketplace and the old one, and they are the same.

For some reason, the forum doesn’t allow me to attach(embed) the snapshot.

After some more investigation by comparing the zoomus App and Zoom Government App, I find the problem.
According to the troubleshooting tips “scenario 4” in the following link

For the Zoom Government App
{zoom government marketplace}/apphelp/{AppID}
“View all users history and channels” maps to “Chat Management - Chat history” and has “Privilege missing”
However, there is no “Chat Management - Chat history” within the Admin Role

The Zoom us App
{zoom us marketplace}/apphelp/{AppID}
“View all users history and channels” maps to “-”, so it doesn’t have this problem. Although the Admin Role doesn’t have the “Chat Management - Chat history” either.

Hi @SongZhang
Thanks for reaching out to the Zoom Developer Forum, I am happy to help here!
Have you been able to work on this issue or do you still some assistance?


Thank you for the help!

I need to remove this scope “imchat:read:admin” from the Zoom government OAuth App to pass the OAuth2 authorization.
This scope is used by a deprecated API, however, I don’t know why Zoom government still provide the user this option in the scope settings. The problem is once you select this scope you can’t pass the OAuth2 authorization.

Thanks for sharing more details with me @SongZhang
So when you remove the scope from your app, you get an error.?
Is this app published in the Marketplace? or is an internal app?

It is an internal app used for our tests.
When I remove the scope from the app, it is working for the OAuth authorization.
If I keep the scope from the app, the OAuth2 authorization fails
"You cannot install the app because you don’t have the required permissions… "

This is found with Zoom Gov app, I have a Zoom US app that selects the same scope and it is good.

Interesting @SongZhang
I will go ahead and send you a private message so I can take a look into this.

Refer to the above snapshot on App Scopes selection.
For Zoom Gov, if I select /imchat:read:admin for the App, the App will fail the OAuth2 authorization. However, it is good for Zoom US App. I suspect it is due to the corresponding API is a deprecated API.

Thanks for sharing more details with me @SongZhang
If you are not using that scope, please remove it from your app so you do not run into the Oauth error

I know if I am not using the scope, I need to remove it from my app.
My question is why it is there and apparently it will fail the OAuth2 once selected. It shouldn’t appear on the government app scope selection.

As it is a deprecated scope it should not appear. Let me reach out to the Engineering team to ask about this issue and will come back to you

Thank you! Please help close the issue.

1 Like