OAuth 2.0 is the industry-standard authorization protocol that allows applications to obtain requested access to user accounts over the HTTP service with the user’s approval.
At Zoom, we prioritize customer’s data security very seriously. Traditionally, a lot of applications used the old model of client-server authentication using which an end-user (the resource owner) has to provide personal credentials such as username and password to authorize third-party applications to have access to their resources. This comes with a lot of security issues and does not allow the user to easily place constraints and limit the scope of access. OAuth 2.0 provides solutions to these issues and establishes improved standards for privacy.
As a developer leveraging Zoom’s API, you can use OAuth to make authorization requests to have access to users’ information related to their Zoom accounts once the users grant you the permission to do so. Your app might need access to various scopes of information and once the user grants authorization to your requests and the authorization is validated by Zoom’s API, an access token is generated. Your application must then provide Zoom’s API with the access token for authentication. Once the access token is validated, your app receives the requested resources from Zoom’s API.