App Permissions
For your app to be enabled for an end user, it will need to be pre-approved by an account admin or a user with marketplace permissions for their Zoom Account.
For more information on Pre-approval, please see our guide on End User Authorization Flows.
Prerequisites and Scopes
Zoom utilizes OAuth 2.0 to authorize a Zoom user to enable your app without exposing their login information.
To leverage OAuth 2.0, you will need to inform users what information your app needs in order to access user or account information. This will require establishing clear authorization Scopes, which define the resources and API methods used by your App. To ensure user protection, the Zoom Marketplace Team will review and approve each requested scope in order for your app to be available on the Marketplace.
Any app that asks for broader scopes will go through an extensive periodic scrutiny process by the Zoom App security team. We recommend not asking for a broader scope if your app does not need it.
Note: Updating scopes after you generate a Publishable URL will require you to generate a new Publishable URL.
Account-level App Scopes
Account-level scopes are all mapped to management based APIs, and allow admins to take advantage of general account management. All scopes below are installed on an administrative level:
Scope | Description | Accessible APIs |
---|---|---|
imchat:bot | Add a bot feature | GET account settings |
account:read:admin | View account information | GET account settings |
account:write:admin | View and manage account information | All Account APIs |
dashboard:read:admin | View Dashboard data | All Dashboard APIss |
group:read:admin | View user groups | GET Groups APIs |
group:write:admin | View and manage user groups | All Group APIs |
imchat:read:admin | View all users history and channels | GET IM Chat APIs |
imchat:write:admin | Send messages to chat group or user through a Bot | All IM Chat APIs |
imgroup:read:admin | View IM Group information | GET IM Groups APIs |
imgroup:write:admin | View and manage IM Groups | ALL IM Groups APIs |
meeting:read:admin | View all users’ meetings | GET Meeting APIs |
meeting:write:admin | View and manage all users’ meetings | ALL Meeting APIs |
recording:read:admin | View all users’ recordings | GET Cloud Recording APIs |
recording:write:admin | View and manage all users’ recordings | GET Cloud Recordings |
report:read:admin | View report data | GET Reports APIs |
scim2 | Call Zoom’s SCIM2 API | |
tsp:read:admin | View TSP information | GET TSP APIs |
tsp:write:admin | View and manage TSP information | All TSP APIs |
user:read:admin | View all users’ information | GET Users APIs |
user:write:admin | View and manage all users and users’ information | All Users APIs |
webinar:read:admin | View all users’ Webinars | GET Webinars APIs |
webinar:write:admin | View and manage all users’ Webinars | All Webinars APIs |
User-managed App Scopes
User-managed App Scopes are apps which require OAuth authentication and allow apps to manage and view an individual Zoom user’s information. All scopes below are available exclusively to users who have authorized the app to access the data:
Scope | Description | Accessible APIs |
---|---|---|
imchat:bot | Add a bot feature | |
imchat:read | View the user’s channels | GET IM Chat APIs |
imchat:write | Send a message to a chat group or user through a Bot | All IM Chat APIs |
meeting:read | View the user’s meetings | GET Meeting APIs |
meeting:write | View and manage the user’s meetings | All Meeting APIs |
recording:read | View the user’s recordings | GET Cloud Recording APIs |
recording:write | View and manage the user’s recordings | All Cloud Recording APIs |
tsp:read | View the user’s TSP account information | GET TSP APIs |
tsp:write | View and manage the user’s TSP account information | All TSP APIs |
user:read | View the user’s information | GET Users APIs |
user:write | View and manage the user’s information | All Users APIs |
webinar:read | View the user’s webinars | GET Webinars APIs |
webinar:write | View and manage the user’s webinars | All Webinars APIs |
OAuth API Availability
OAuth APIs allow apps which have been authorized by individual end-users to manage that user’s Zoom data. The following endpoints are available:
Method | URL (v2) |
---|---|
GET | /v2/users/me |
PATCH | /v2/users/me |
GET | /v2/users/me/settings |
PATCH | /v2/users/me/settings |
GET | /v2/users/me/assistants |
POST | /v2/users/me/assistants |
DELETE | /v2/users/me/assistants |
DELETE | /v2/users/me/assistants/{assistantId} |
GET | /v2/users/me/token |
DELETE | /v2/users/me/token |
Meetings API
Meetings APIs allow apps to read, create, update, and delete Zoom Meetings either for the authorized user or by meetingID. The following endpoints are available:
Method | URL(v2) |
---|---|
GET | /v2/users/me/meetings |
POST | /v2/users/me/meetings |
GET | /v2/meetings/{meetingId} |
PATCH | /v2/meetings/{meetingId} |
DELETE | /v2/meetings/{meetingId} |
PUT | /v2/meetings/{meetingId}/status |
POST | /v2/meetings/{meetingId}/registrants |
GET | /v2/meetings/{meetingId}/registrants |
PUT | /v2/meetings/{meetingId}/registrants/status |
Webinar API
Webinar APIs allow apps to read, create, update, The following endpoints are available:
Method | URL(v2) |
---|---|
GET | /v2/users/me/webinars |
POST | /v2/users/me/webinars |
GET | /v2/webinars/{webinarId} |
PATCH | /v2/webinars/{webinarId} |
DELETE | /v2/webinars/{webinarId} |
PUT | /v2/webinars/{webinarId}/status |
POST | /v2/webinars/{webinarId}/registrants |
GET | /v2/webinars/{webinarId}/registrants |
PUT | /v2/webinars/{webinarId}/registrants/status |
GET | /v2/webinars/{webinarId}/panelists |
POST | /v2/webinars/{webinarId}/panelists |
DELETE | /v2/webinars/{webinarId}/panelists |
DELETE | /v2/webinars/{webinarId}/panelists/{panelistId} |
Cloud Recording API
Cloud Recording APIs allow apps to read and delete recorded Zoom Meetings for the authorized user or by meetingID. The following endpoints are available:
Method | URL(v2) |
---|---|
GET | /v2/users/me/recordings |
GET | /v2/meetings/{meetingId}/recordings |
DELETE | /v2/meetings/{meetingId}/recordings |
DELETE | /v2/meetings/{meetingId}/recordings/{recordingId} |