Submission Checklist

1. Sign Marketplace Developer Agreement

The Zoom Marketplace Developer Agreement must be completed and signed by an Authorized Signing Agent of the company developing and submitting an app. An Authorized Signing Agent is typically a member of a Legal team or executive of the company. The document may be signed digitally using DocuSign.

2. Complete App Descriptions

There are two descriptions available for developers, the Short Description and Long Description, each with a distinct purpose:

The Short Description (text-only) provides information about your business’s core purpose for customers. It should be 1-2 sentences.

The Long Description should provide detailed information about the business value of the app, including its primary use cases, specific features, any requirements/prerequisites for users to consider. It should also provide links/information for additional details and resources users will need to know, including pricing/plans, FAQs, and support options.

Long Descriptions can commonly cause an app submission to be denied if it does not provide users with sufficient insight and information about the app and its functionality.

3. Add Images / Videos

Images are required to show users what to expect when using the submitted app, including function and user-interfaces examples. Videos (up to 10MB) provide expected app usage and user-interface interaction.

For an example of high-quality image/video content, reference the Hubspot app on the Zoom Marketplace.

4. Provide a Privacy Policy URL

Provide the URL for your app’s Privacy Policy document.

A Privacy Policy document should disclose information on the kind of data you collect from your app users and the permissions that a user might have to grant in order to use your app. It should also explain the ways of data collection and the reasons behind it. For instance, if a user needs to create an account to use your service, you should list out the information that you retain from the user.

If your app tracks user activity, you must provide examples of the activities that are tracked and the information that is collected from the activity. If your app provides a way for users to manage and control the permissions that have been granted, you must list out the steps that users can follow to do so.

5. Provide a Terms of Use URL

Provide the URL for your app’s Terms of Use document.

A Terms of Use (ToU) document should include information on the legal agreements that users must be aware of and abide by while using your service. Your app’s ToU could include information such as the minimum age requirement for using the app, intellectual property disclosure, termination of service access, payment policies and more. This ToU should be unique to your Marketplace app and must address the following information at a minimum:

  • Description of Service and Usage Limitation: Include brief information on the services that your app provides to the users. If any of the services are to be used only for personal needs and not commercial usage, include this information in the ToU. If there are specific practices that you want the users to avoid while using your app, clearly state them in the ToU.

  • Description or Links to Privacy Policy: This should provide details on what information you collect from the user and how do you protect their data. Refer to the Privacy Policy section above for more information on this.

  • Description of Expected Procedures and Liability: If your app has certain maintenance windows during which the guaranteed uptime can deflect, include this information on the ToU. In cases of data and business loss of your app users, state who is liable to mitigate for the loss.

  • Description of Payment Policy: State terms of use for subscriptions, in-app purchases, trials or any other payment that a user might have to make while using your app. Provide details about the method of payment and the consequences of not making timely payments.

Although you can refer to these instructions for getting started with writing your ToU, it should not be treated as an exhaustive list. Consult with your company’s legal team to get support authoring a ToU that best meets your app and business requirements.

6. Provide Support URL

All apps published on the Zoom App Marketplace are required to provide a Support URL. Use Zoom’s Best Practices for Support URL Content as a reference for what to include.

7. Provide Deauthorization Event URL for Testing

All apps must provide the proper ability for the User to uninstall or deauthorize the app in compliance with Zoom’s commitment to security and the protection of User data. For a direct guide, reference the Deauthorization documentation.

To do so, apps must provide a secured endpoint for receiving Deauthorization notifications from Zoom and respond with proper data retention practices as outlined in the Marketplace Developer Agreement.

8. Optimize App Data Fetching

Apps are expected to adhere to optimal patterns of requesting and subscribing to data from Zoom. Long-polling the Zoom API instead of subscribing to receive Webhook Event requests is considered an anti-pattern and may cause the app to be denied. There are multiple benefits to subscribe to Webhook events, the most significant being performance and monitoring. Enable Event Subscriptions for an app in the “Features” section while creating or managing the app on the App Dashboard.

9. Remove Unused Scopes from Development

Scopes added to apps expose functionality and access to Zoom APIs. Zoom expects all developers to only enable Scopes to make functional, logical, and business sense for their apps. Failure to use proper API requests for a given scope will cause an app to be denied. Zoom recommends only selecting the minimum required Scopes for app operation.

10. Optimize App Authentication and Refresh Flows

Apps should not make overly frequent requests for OAuth tokens. A token should be requested and stored to allow an app to make API requests, rather than generated on each request.

Data returned on responses from Zoom Authentication endpoints should be cached and access_tokens should be re-used until expired. Once expired, a Refresh Token request can be sent for a new token. For more information on this flow, reference our guide to OAuth with Zoom.

11. Confirm Installation Process for Testing by Zoom

Zoom expects app installation to be quick, efficient, and in a self-service manner. Apps which have a freemium business plan model are ideal models for the Zoom App Marketplace, as they typically allow for self-service account creation tools.

A Configuration URL should be set to allow users to easily access configuration settings for the app/integration within the Zoom Marketplace. This is particularly important for apps which have chosen the “Install from Landing Page” feature.

12. Secure Confidential Information

In addition to following the steps listed above, ensure that the contents that you submit for publication such as app descriptions, support documentation, images and video files, do not expose your App Credentials and other private information. Blur all mentions of information such as tokens, passwords, and keys to secure confidential data.


Need Support?

The first place to look for help is on our Developer Forum, where Zoom Marketplace Developers can ask questions for public answers.

If you can’t find the answer in the Developer Forum or your request requires sensitive information to be relayed, please email us at developersupport@zoom.us.