Zoom utilizes webhooks as a medium to notify third-party applications (consumer applications) about events that occur in a Zoom account. Instead of making repeated calls to pull data frequently from the Zoom API, you can use webhooks to get information on events that happen in a Zoom account. The account must install your webhook-enabled app to authorize data flow via webhooks.
These event notifications are sent as HTTP
POST requests in JSON, to the endpoint you specify in your Marketplace app.
On This Page
- Objects, Actions, and Events
- Enable Webhooks
- Notification Structure
- Request Body
- Notification Delivery
- Next Steps
Objects, Actions, and Events
Objects are pieces of data that form the resources provided by Zoom such as Zoom APIs and Webhooks. An event occurs when a user performs an action that causes a change in the value of an object. The events are grouped into core event types as listed below:
- Meeting Events
- Webinar Events
- Recording Events
- Zoom Room Events
- User Events
- Account Events
Each Zoom event type is comprised of multiple webhook events. These webhook events are defined by a common naming rule:
$object.$action. The following table represents a list of objects and actions that make up Zoom events:
For example, one of the webhook events under the Account event type is
user.created. This webhook is triggered whenever a user is created on a Zoom account that is subscribed to the
User has been created event under the
User event type.
To enable webhooks for these events, you must add Event Subscriptions to your Marketplace app. Refer to the next section, Enable Webhooks, for information on enabling webhooks with event subscriptions for each app type.
Webhooks can be enabled in any of the following app types in the Zoom App Marketplace:
OAuth App: Select this app type to securely integrate with Zoom APIs and access users’ authorized data using a user-based authentication approach. This app can either be installed and managed across an account by account admins (account-level app) or by users individually (user-managed app). You can also publish this app on the Zoom App Marketplace and make your app accessible to millions of Zoom users.
JWT App: Select this app type to establish server-to-server interactions with the Zoom API.
Webhook-only App: Select this app type if your app requires user information only on events that you subscribe to and does not need to pull data from the Zoom APIs. This app will only be activated in your Zoom account and thus, you can subscribe to events that occur in your Zoom account only.
Chatbot: Select this app type to enable your app to interact with Zoom users on the Zoom Client via chat. You can subscribe to events that occur on your own account or any other accounts that install your Chatbot.
To enable webhooks, in all of these apps, you must follow the following steps at a minimum:
Create an app on the Zoom App Marketplace. Choose one of the app types mentioned above. Provide basic information required while creating the app.
Provide a valid Event Notification Endpoint URL. This is the designated URL of your app where you will receive the webhook POST requests, also known as event notifications.
The notifications will be sent every time an event that your app is subscribed to, occurs in a Zoom account of a user that has installed your webhook-enabled app. This URL must be secured over HTTPS.
On the Features page of the App’s Dashboard, enable Event Subscriptions. Select the events from available Event Types that you would like to subscribe to and click “Done”. Save the configurations for the Event Subscriptions.
Optionally, you can customize other features that are available for your app such as Scopes, Chat Subscription, etc. as needed.
After one of the events that you subscribed to occurs on your Zoom account or any other Zoom account that has installed your webhook-enabled app, Zoom will send an event notification to your app’s Event Notification Endpoint URL in the form of an HTTP POST request. This request includes a JSON Request Body and multiple Headers.
The POST request will contain several headers such as
content-type header represents the media type of the resource whereas the
authorization header is unique to your app and confirms the validity of the request. To verify if a request is sent by the Zoom Service, compare the
authorization header with the verification token generated in the Features page of your Marketplace app.
The request body includes information on the event such as the type of event that occurred, the
account_id (a unique identifier for a Zoom account) of the account in which the event occurred, and information on the object containing fields whose value(s) have changed during an event.
After receiving a notification, your Event Notification Endpoint URL should respond with either a
200 or a
204 HTTP status code within three seconds for Zoom to consider that the notification was successfully delivered. Zoom will try to deliver the notification for up to three times for an event. If after executing the retry-logic, Zoom doesn’t receive a
2XX response, no further notifications related to that event will be sent to your app’s Event Notification Endpoint URL.
Explore various Zoom Webhooks, learn about their payloads and view examples in the upcoming sections. Or head over to our Marketplace documentation on Webhooks to get an in-depth overview.
Feeling ready to enable webhooks in your app? Start building on the Zoom App Marketplace.
The first place to look for help is on our Developer Forum, where Zoom Marketplace Developers can ask questions for public answers.
If you can’t find the answer in the Developer Forum or your request requires sensitive information to be relayed, please email us at email@example.com.