OAuth Scopes


OAuth scopes provide a way to limit the amount of access that is granted to an app. Zoom has user level scopes, admin level scopes and master scopes. A user level app can only request for scopes that allow access to an individual user’s associated data. Admin scopes enable an account level app with admin capabilities and require the installer of the app to be an admin or owner of the account to grant those abilities. Master scopes can only be granted to an an account level app by account owners.

An application can set one or multiple scopes while registering their OAuth app in the Zoom App Marketplace. Information regarding the requested scopes is presented to the user during the app installation process. An example regarding the same is shown below:

Once a user authorizes the app with the requested scopes, the app requests Zoom for the user’s access token. This token represents the authorization permitted to the application to access and/or modify specific parts of a user’s data using Zoom Services such as Zoom APIs and Webhooks.

Below, you can find a complete list of scopes, their descriptions and the associated API calls that the app with permitted scope has access to:

Account Scopes

Scope Description Associated APIs
account:read:admin This scope allows an app to view details of a regular account as well as Sub Accounts that are associated with a Master Account, view account settings, account lock settings, managed domains and trusted domains of an account.

account:write:admin This scope allows an app to create Sub Accounts on behalf of a Master Account, disassociate a Sub Account from a Master Account, change account owner on behalf of the current owner, update account settings, update lock settings, options etc.

Billing Scopes

Scope Description Associated APIs
billing:master This scope allows an app to view and manage billing details, plans subscribed on Sub Accounts and data on usage of these plans by the Sub Accounts.

Chat Scopes

Scope Description Associated APIs
chat_message:read This scope allows an app to view user’s chat messages and related information such as date and time of when it was sent, email address of the sender etc.
chat_message:read:admin Sensitive Information

This scope allows an app to view chat messages of all the users in an account who have been assigned with a role that includes View permission for Chat messages. The app will also be able to access information related to the messages such as date and time of when it was sent, email address of the sender etc. Users who do not have this permission will not be able to install apps that request this scope.
chat_message:write This scope allows the app to send chat messages, update and delete previously sent messages on behalf of a user.
chat_message:write:admin Sensitive Information

This scope allows the app to send chat messages, update and delete previously sent messages on behalf of all the users in an account who are assigned with a role that includes Edit permission for Chat Messages. Users who are not assigned with this permission will not be able to install any apps that request this scope.

imchat:read Sensitive Information
This scope allows an app to view chat sessions details, and chat messages of users from a specific date.
imchat:read:admin Sensitive Information
This scope allows an app to view chat sessions details, and chat messages of all users.
chat_channel:read This scope allows the app to view details of the chat channels joined by a user.
  • List Channels

  • Get a Channel

  • List Channel Members

  • chat_channel:write This scope allows the app to view and manage details of the chat channels joined by a user by performing actions on user's behalf such as creating a channel, updating channel details, inviting members to the channel, joining a channel, leaving a channel, removing members from a channel and removing the channel itself.
    chat_channel:read:admin This scope allows the app to view details of the chat channels joined by all users in an account who are assigned with a role that includes View permission for Chat Channels. Users who are not assigned with this permission will not be able to install any apps that request this scope.
  • List Channels

  • Get a Channel

  • List Channel Members

  • chat_channel:write:admin This scope allows the app to view and manage details of the chat channels joined by users by performing actions on user's behalf such as creating a channel, updating channel details, inviting members to the channel, joining a channel, leaving a channel, removing members from a channel and removing the channel itself. Only those users who are assigned with a role that includes Edit permission for Chat Channels can install and use apps that request this scope.

    Chatbot Scopes

    Scope Description Associated APIs
    imchat:bot This scope allows a chatbot to interact with users by sending messages to users, editing the sent messages and deleting the sent messages when needed.

    Contact Scopes

    Scope Description Associated APIs
    contact:read:admin This scope allows an app to lookup users that are in the company contacts of a Zoom account.
    chat_contact:read This scope allows the app to retrieve details on chat contacts of a user.

    Dashboard Scopes

    Scope Description Associated APIs
    dashboard_meetings:read:admin This scope allows an app to view account’s meeting dashboard data such as meeting metrics, meeting participants metrics, meeting quality score, quality of service provided to the participants during meetings.
    dashboard_webinars:read:admin This scope allows an app to view account’s webinar dashboard data such as webinar metrics, webinar participants metrics and quality of service provided to the participants during webinars.
    dashboard_zr:read:admin This scope allows an app to view account’s Zoom Rooms dashboard data such as Zoom Rooms details, metrics on top 25 issues across Zoom Rooms in an account as well as metrics on top 25 Zoom Rooms that have encountered most issues.
    dashboard_home:read:admin This scope allows an app to view metrics on client satisfaction for Zoom Meetings and Webinars.
  • Get Zoom Meetings Client Feedback

  • List Client Meeting Satisfaction

  • dashboard_im:read:admin This scope allows an app to view metrics on the usage of Zoom chat client by users in an account.
  • Get IM Metrics

  • dashboard_im:read:admin This scope allows an app to view metrics on the usage of CRC in an account.
  • Get CRC Port Usage

  • Device Scopes

    Scope Description Associated APIs
    h323:read:admin This scope allows an app to view details of an account’s H.323 or SIP devices such as device name, ID, protocol and encryption options.
    h323:write:admin This scope allows the app to add H.323 or SIP devices on an account, update details of those devices such as device name, ID, protocol and encryption options and remove the device from the account.

    Group Scopes

    Scope Description Associated APIs
    group:read:admin This scope allows an app to view user groups, total number of members in the groups, details of group members, and group settings.
    group:write:admin This scope allows an app to perform actions on behalf of a group admin such as creating groups, adding, removing, updating members in a group, updating group name, deleting groups and updating group settings.

    IM Group Scopes

    Scope Description Associated APIs
    imgroup:read:admin This scope allows an app to perform actions on behalf of an IM group admin such as viewing details of IM groups and IM group members in a Zoom account.
    imgroup:write:admin This scope allows an app to perform actions on behalf of an IM group admin such as creating a new IM group, updating details of the IM group, deleting IM group, adding, removing and deleting IM group members.
  • Create an IM Directory Group


  • Update an IM Directory Group

  • Delete an IM Directory Group

  • Add IM Directory Group Members

  • Delete an IM Directory Group Member

  • Meeting Scopes

    Scope Description Associated APIs
    meeting:read This scope allows an app to view information related to the user’s meetings such as meeting reports, meeting participants, meeting polls and meeting registrants.
    meeting:read:admin This scope allows an app to view meeting information of all the users that are in the Zoom account. This includes meeting reports, meeting participants, meeting polls and meeting registrants.
    meeting:write This scope allows an app to view and manage user’s meetings by performing actions such as scheduling meetings, updating meetings, deleting meetings and updating live streaming options.
      meeting:write:admin
    This scope allows an app to view and manage meeting information of all the users that are in the Zoom account by performing actions such as scheduling meetings, updating meetings, deleting meetings and updating live streaming options.
  • Create a Meeting

  • Update a Meeting

  • Delete a Meeting

  • Update Meeting Status
  • Add a Meeting Registrant

  • Update Meeting Registrant's Status

  • Create a Meeting Poll

  • Update a Meeting Poll

  • Get Meeting Invitations

  • List Poll Results

  • List Past Meeting Files
  • PAC Scopes

    Scope Description Associated APIs
    pac:read:admin This scope allows an app to view Personal Audio Conferencing(https://support.zoom.us/hc/en-us/articles/204517069-Getting-started-with-Personal-Audio-Conference) details of all users in an account such as dedicated dial-in numbers and global dial-in numbers associated with the account, conference ID and password(s) assigned to the account that are used to join the conference.
    pac:write:admin This scope allows the app to view and manage Personal Audio Conferencing details of all the users in an account.
    pac:master This scope allows the app to view and manage Personal Audio Conferencing details of all the Sub Accounts associated with a Master Account.

    Phone Scopes

    Scope Description Associated APIs
    phone:read This scope allows an app to view details related to Zoom Phone of a user such as phone numbers associated with the user, user’s Zoom Phone profile details including calling plans enabled for the user, email address of the user, site details, Zoom Phone voicemails, recordings of user’s Zoom phone calls etc.
  • Get User's Profile

  • Get User's Settings

  • Get User's Call Logs

  • Get User's Recordings
  • Get User's Voicemails

  • phone:read:admin This scope allows an app to view details related to Zoom Phone of all users in an account such as phone numbers associated with the user, users’ Zoom Phone profile including calling plans enabled for the user, email address of the user, site details, Zoom Phone voicemails, recordings of users Zoom phone calls, calling plans of Zoom Phone users etc.
  • Get User's Profile

  • Get User's Settings

  • Get User's Call Logs

  • Get User's Recordings
  • Get User's Voicemails
  • List Phone Numbers

  • Get Call Logs of an Account

  • Get Phone Number Details

  • List Calling Plans
  • List Phone Users

  • List Blocked Lists

  • List Call Queues

  • Get Call Queue Details

  • List Phone Devices

  • Get Device Details

  • Get Details of a Phone Site

  • List Common Area Phones

  • Get Details of a Common Area Phone
  • phone:write This scope allows an app to update a user’s Zoom Phone profile.
  • Update a User's Phone Profile
  • phone:write:admin This scope allows an app with access to Zoom Phone management permissions and the app can perform actions such as updating users’ Zoom Phone settings, Zoom Phone profile that includes information related to calling plans enabled for the user, email address of the user, and site details, assigning and unassigning Phone numbers to users, managing auto-receptionist configurations, blocked lists, call queues, devices, common area phones, phone sites etc.
  • Update a User's Profile

  • Assign Phone Number to a User

  • Unassign User's Phone Number

  • Assign Calling Plan to a User
  • Unassign User's Calling Plan

  • Change Main Company Number

  • Update Auto Receptionist Details

  • Assign Phone Numbers

  • Unassign All Phone Numbers

  • Unassign a Phone Number

  • Create a Blocked List
  • Update a Blocked List

  • Delete a Blocked List

  • Create a Call Queue

  • Update Call Queue Details
  • Delete a Call Queue

  • Assign Numbers to a Call Queue

  • Unassign All Phone Numbers

  • Unassign a Phone Number

  • Add Members to a Call Queue

  • Unassign All Members

  • Unassign a Member
  • Change Call Queue Manager

  • Add a Device

  • Update a Device

  • Delete a Device
  • Create a Phone Site

  • Delete a Phone Site

  • Update Phone Site Details

  • Add a Common Area Phone

  • Update a Common Area Phone

  • Delete a Common Area Phone

  • Report Scopes

    Scope Description Associated APIs
    report:read:admin This scope allows the app to view account, meeting, and webinar statistics via usage, user activity, meeting and webinar reports.
    role:write:admin This scope allows an app to perform actions on behalf of an admin such as creating a role, updating role details, assigning members to a role and unassigning members from a role.

    Role Scopes

    Scope Description Associated APIs
    role:read:admin This scope allows the app to view roles created in an account, details of the roles and details of members that are assigned roles.
    role:write:admin This scope allows an app to perform actions on behalf of an admin such as creating a role, updating role details, assigning members to a role and unassigning members from a role.

    Rooms Scopes

    Scope Description Associated APIs
    room:read:admin This scope allows the app to view accounts’ Zoom Room details such as Room Profile, Room Settings, Room locations, location structure, etc.
    room:write:admin This scope allows an app to perform actions on behalf of an admin such as creating a role, updating role details, assigning members to a role and unassigning members from a role.

    SCIM Scopes

    Scope Description Associated APIs
    scim2 This scope allows an app to provide support for user provisioning through the User resource for users that already exist in a corporate account using IDP such as Okta, Azure AD, etc.

    SIP Phone Scopes

    Scope Description Associated APIs
    sip_phone:read:admin This scope allows an app to view details of SIP Phones configured for users in an account.
    sip_phone:write:admin This scope allows an app to manage details of SIP Phones configured on users’ accounts by performing actions such as enabling users to use SIP phone, updating the SIP Phone configurations and removing SIP Phone from users’ accounts.
  • Create SIP Phone

  • Update SIP Phone

  • Delete SIP Phone

  • Tracking Field Scopes

    Scope Description Associated APIs
    tracking_fields:read:admin This scope allows an app to view details of tracking fields being used by all users in an account. List Tracking Fields
    Get a Tracking Field
    sip_phone:write:admin This scope allows an app to manage tracking fields by performing actions such as creating, updating and deleting tracking fields on behalf of an admin. Create a Tracking Field
    Update a Tracking Field
    Delete a Tracking Field

    TSP Scopes

    Scope Description Associated APIs
    tsp:read This scope allows an app to view user’s TSP account information such as name of the Telephony Service Provider, dial in numbers that were set up for the user, conference code etc. List User's TSP Accounts
    Get a User's TSP Account
    tsp:read:admin This scope allows an app to view TSP account information of all users such as name of the Telephony Service Provider, dial in numbers that were set up for the user, conference code etc. List User's TSP Accounts
    Get a User's TSP Account
    Get Account's TSP Information
    tsp:write This scope allows an app to view and manage TSP information on behalf of a user. This scope allows the app to update a user’s TSP account information such as conference code, TSP bridge, dial-in numbers etc., set global dial-in URL as well delete a user’s TSP account. Add a User's TSP Account
    Update a User's TSP Account
    Delete a User's TSP Account
    Set Global Dial In URL for a TSP User Account
    tsp:read:admin This scope allows an app to view TSP account information of all users such as name of the Telephony Service Provider, dial in numbers that were set up for the user, conference code etc. List User's TSP Accounts
    Get a User's TSP Account
    Get Account's TSP Information
    tsp:write:admin This scope allows an app to view and manage TSP account information on behalf of all the users in the account. This scope allows the app to update a user’s TSP account information such as conference code, TSP bridge, dial-in numbers, etc., set global dial-in URL as well delete a user’s TSP account.

    Add a User's TSP Account
    Add a User's TSP Account
    Update a User's TSP Account
    Delete a User's TSP Account
    Set Global Dial In URL for a TSP User Account

    User Scopes

    Scope Description Associated APIs
    user:read This scope allows an app to view individual user’s profile information including user settings details, permissions that are associated with the user, user token that can be used to allow the user to join a ClientSDK meeting and user’s scheduling privilege information.
    user:read:admin This scope allows an app to view user information of all users in a Zoom account. This information consists of profile information including user settings details, permissions that are associated with the user, user token that can be used to allow the user to join a ClientSDK meeting and user’s scheduling privilege information.
    user:write This scope allows an app to view TSP account information of all users such as name of the Telephony Service Provider, dial in numbers that were set up for the user, conference code etc.
    user:write:admin This scope allows an app to view and manage information of all the users that are in the Zoom account. An app with this access can perform actions on the users’ behalf such as, adding new users under the user’s Zoom account, updating user’s information as well settings, permanently deleting a user, deactivating and activating a user, resetting user’s password, modifying email address of a user and deleting a user’s SSO token.
  • Add a User's TSP Account

  • Add a User's TSP Account

  • Update a User's TSP Account

  • Delete a User's TSP Account

  • Set Global Dial In URL for a TSP User Account
  • Webinar Scopes

    Scope Description Associated APIs
    webinar:read This scope allows an app to view user's Webinars details including information on polls, registrants, absentees, and panelists.
    webinar:read:admin This scope allows an app to view Webinar information of all the users in the Zoom account. This includes details about polls, registrants, absentees, and panelists. updating live streaming options.
    webinar:write This scope allows an app to view and manage user’s Webinars by performing actions such as scheduling new Webinars for the user, updating Webinar details, deleting Webinars and managing Webinar registrants on the users’ behalf.
    meeting:write:admin This scope allows an app to view and manage meeting information of all the users that are in the Zoom account by performing actions such as scheduling meetings, updating meetings, deleting meetings and updating live streaming options.

    SIP Trunk Scopes

    Scope Description Associated APIs
    sip_trunk:read:admin This scope allows an app to view details of SIP Trunks that are assigned to a Sub Account or a Master Account enrolled in SIP Connected Audio Plan. An app with this scope has access to information such as names of the assigned SIP Trunks, IP address of the SIP Server, DNIS (identifier for SIP Trunk enabled account) etc.
    sip_trunk:master This scope allows an app to view and manage SIP Connected Audio configurations and numbers for Sub Accounts on behalf of a Master Account. An app with this scope can perform actions on behalf of a Master Account such as adding internal call out countries, adding new internal numbers and deleting existing numbers in the account.