Submission review

All apps submitted for publication on the Zoom App Marketplace undergo a dedicated review process before they can be made available on the Zoom Marketplace. The Marketplace Review team conducts the review and works with the app developers on any issues and additional requirements.

Overview of Review Process

  1. (optional) Self-assessment.
  2. Submit app for review.
  3. Metadata review.
  4. Functional and usability testing.
  5. Security and compliance review.
  6. Checking review status.

Self-assessment (optional)

In preparation for submitting your app for review, you can use the Self-assessment to discover any potential issues. The assessment provides an auto-generated App Review Report with found issues and recommendations to resolve them.

Submitting apps for review

  1. Log into the Zoom Marketplace and click Manage.
  2. Hover over the Action menu for your app and select Request to Publish.
  3. Provide all the requested information and click Submit.
    You’ll receive an automated notification confirming we received your request.

Metadata review

Metadata is information associated with and describing your app. We require almost 30 pieces of metadata, such as product description, landing page URL, documentation. We review for completeness and ease of understandability.

Functional and usability testing

During functional and usability testing, we review apps for the following:

  1. Authorization / Deauthorization process.
  2. User onboarding or Zoom enablement process.
  3. Configuration settings.
  4. User Experience - ease of use.
  5. Required support documentation, feedback resources.
  6. Requested scope use cases.

Security and compliance review

All Zoom Marketplace apps are subject to a security and compliance audit encompassing a multi-part review intended to maintain customer security, integrity and resilience of the ecosystem as a whole.

Vendor attestation

Focused security testing

The testing is focused on Zoom Data handling, including but not limited to:

  • Zoom OAuth implementation.
  • Sensitive data exposure.
  • Broken access control.

Reporting and analysis of test results

Testing results are communicated via Notes.

  • PASS means that the attested TDD meets acceptable use criteria and that the application passes the minimum requirement for securely handling Zoom data.
  • FAIL means the application does not meet acceptable security standards. The Marketplace Security team may, in its discretion, suggest actions you can take to remediate the issues.
  • WARNINGS are reported for analysis and consideration. An application with zero FAILs but one or more WARNINGS receives a PASS.

Learn more about our security best practices.

Checking review status

During the app review process, you can view feedback from the Marketplace Review Team through Notes. A red notification bubble over the speech indicates a message is available for you.

Notes

Click the speech icon to view the notes provided by the app reviewer and to add replies.
To send replies back to the review team, complete all required changes to the application and then click Submit Changes.

Resolved action items and comments appear in Notes as Resolved.

Getting help

Need help?

If you're looking for help, try Developer Support or our Developer Forum. Priority support is also available with Premier Developer Support plans.