App Permissions


For your app to be enabled for an end user, it will need to be pre-approved by an account admin or a user with marketplace permissions for their Zoom Account.

For more information on Pre-approval, please see our guide on End User Authorization Flows.

Prerequisites and Scopes

Zoom utilizes OAuth 2.0 to authorize a Zoom user to enable your app without exposing their login information.

To leverage OAuth 2.0, you will need to inform users what information your app needs in order to access user or account information. This will require establishing clear authorization Scopes, which define the resources and API methods used by your App. To ensure user protection, the Zoom Marketplace Team will review and approve each requested scope in order for your app to be available on the Marketplace.

Tip: Limit the scopes

Any app that asks for broader scopes will go through an extensive periodic scrutiny process by the Zoom App security team. We recommend not asking for a broader scope if your app does not need it.

Note: Updating scopes after you generate a Publishable URL will require you to generate a new Publishable URL.

Account-level App Scopes

Account-level scopes are all mapped to management based APIs, and allow admins to take advantage of general account management. All scopes below are installed on an administrative level:

Scope Description Accessible APIs
imchat:bot Add a bot feature GET account settings
account:read:admin View account information GET account settings
account:write:admin View and manage account information All Account APIs
dashboard:read:admin View Dashboard data All Dashboard APIss
group:read:admin View user groups GET Groups APIs
group:write:admin View and manage user groups All Group APIs
imchat:read:admin View all users history and channels GET IM Chat APIs
imchat:write:admin Send messages to chat group or user through a Bot All IM Chat APIs
imgroup:read:admin View IM Group information GET IM Groups APIs
imgroup:write:admin View and manage IM Groups ALL IM Groups APIs
meeting:read:admin View all users’ meetings GET Meeting APIs
meeting:write:admin View and manage all users’ meetings ALL Meeting APIs
recording:read:admin View all users’ recordings GET Cloud Recording APIs
recording:write:admin View and manage all users’ recordings GET Cloud Recordings
report:read:admin View report data GET Reports APIs
scim2 Call Zoom’s SCIM2 API
tsp:read:admin View TSP information GET TSP APIs
tsp:write:admin View and manage TSP information All TSP APIs
user:read:admin View all users’ information GET Users APIs
user:write:admin View and manage all users and users’ information All Users APIs
webinar:read:admin View all users’ Webinars GET Webinars APIs
webinar:write:admin View and manage all users’ Webinars All Webinars APIs

User-managed App Scopes

User-managed App Scopes are apps which require OAuth authentication and allow apps to manage and view an individual Zoom user’s information. All scopes below are available exclusively to users who have authorized the app to access the data:

Scope Description Accessible APIs
imchat:bot Add a bot feature
imchat:read View the user’s channels GET IM Chat APIs
imchat:write Send a message to a chat group or user through a Bot All IM Chat APIs
meeting:read View the user’s meetings GET Meeting APIs
meeting:write View and manage the user’s meetings All Meeting APIs
recording:read View the user’s recordings GET Cloud Recording APIs
recording:write View and manage the user’s recordings All Cloud Recording APIs
tsp:read View the user’s TSP account information GET TSP APIs
tsp:write View and manage the user’s TSP account information All TSP APIs
user:read View the user’s information GET Users APIs
user:write View and manage the user’s information All Users APIs
user_profile View the user’s profile information Users individual management and meeting settings.
webinar:read View the user’s webinars GET Webinars APIs
webinar:write View and manage the user’s webinars All Webinars APIs

OAuth API Availability

OAuth APIs allow apps which have been authorized by individual end-users to manage that user’s Zoom data. The following endpoints are available:

Method URL (v2)
GET /v2/users/me
PATCH /v2/users/me
GET /v2/users/me/settings
PATCH /v2/users/me/settings
GET /v2/users/me/assistants
POST /v2/users/me/assistants
DELETE /v2/users/me/assistants
DELETE /v2/users/me/assistants/{assistantId}
GET /v2/users/me/token
DELETE /v2/users/me/token

Meetings API

Meetings APIs allow apps to read, create, update, and delete Zoom Meetings either for the authorized user or by meetingID. The following endpoints are available:

Method URL(v2)
GET /v2/users/me/meetings
POST /v2/users/me/meetings
GET /v2/meetings/{meetingId}
PATCH /v2/meetings/{meetingId}
DELETE /v2/meetings/{meetingId}
PUT /v2/meetings/{meetingId}/status
POST /v2/meetings/{meetingId}/registrants
GET /v2/meetings/{meetingId}/registrants
PUT /v2/meetings/{meetingId}/registrants/status

Webinar API

Webinar APIs allow apps to read, create, update, The following endpoints are available:

Method URL(v2)
GET /v2/users/me/webinars
POST /v2/users/me/webinars
GET /v2/webinars/{webinarId}
PATCH /v2/webinars/{webinarId}
DELETE /v2/webinars/{webinarId}
PUT /v2/webinars/{webinarId}/status
POST /v2/webinars/{webinarId}/registrants
GET /v2/webinars/{webinarId}/registrants
PUT /v2/webinars/{webinarId}/registrants/status
GET /v2/webinars/{webinarId}/panelists
POST /v2/webinars/{webinarId}/panelists
DELETE /v2/webinars/{webinarId}/panelists
DELETE /v2/webinars/{webinarId}/panelists/{panelistId}

Cloud Recording API

Cloud Recording APIs allow apps to read and delete recorded Zoom Meetings for the authorized user or by meetingID. The following endpoints are available:

Method URL(v2)
GET /v2/users/me/recordings
GET /v2/meetings/{meetingId}/recordings
DELETE /v2/meetings/{meetingId}/recordings
DELETE /v2/meetings/{meetingId}/recordings/{recordingId}

Need help?

The first place to look is on our Developer Forum. If you can't find the answer or your request includes sensitive information, contact Developer Support.