I have a question about a use case.
The goal is for us to access zoom api and fetch meetings, recordings etc from our customer’s Zoom account and use the data for developing some insights. I have the below questions.

  1. Should we be asking our clients to share their JWT credentials/token and then use it for the api calls? Or should this process be via an OAUTH app? What is the recommended approach?

  2. If the answer to point 1 is JWT then will all the api end points work with the JWT token?

Also I have a doubt regarding the api rate limits. Irrespective of whether I use JWT/OAUTH the rate limits applied will be to my customer accounts right? Or is their any limit applied to our service which calls the api?

Hi @puneeth.ranganath

Hope you are doing great! I am happy to help here!
You should NOT be asking your clients to share the JWT credentials with you to make api calls.
Instead, you should create an OAuth app (user level or account level, depending your needs) and each user will authorize your app on their side.

Find a link to our docs here:

Regarding the second question about API reate limits, yes you are right, those limites will apply to the customer/user who authorizes the app

Hope this helps,

@elisa.zoom Thanks for the response. I will check the above document and try creating OAUTH app.

1 Like

Glad Elisa was about to provide a path forward. Please let us know if you have any additional questions, @puneeth.ranganath!

@donte.zoom Had another question will the “Client ID” and “Client Secret” in a OAUTH app ever change or it is always the same? I know we can regenerate the secret but unless we do that these wont change right?

Correct, @puneeth.ranganath! You can regenerate the secret of an OAuth app, but the Client ID will be the same.

1 Like

thank you @donte.zoom

1 Like

Thanks for chiming in @donte.zoom :slight_smile: