Required Permissions

Zoom is introducing Classic and granular scopes to allow users to be more specific about the level of access granted to third-party apps. For more information on scopes, refer to OAuth Scopes.

Classic Scopes

Classic scopes provide a way to limit the amount of access granted to an app. Zoom has user-level, admin-level, and Master-level scopes.Previously-created apps use the previously-available scopes, now called classic scopes. If you upgrade your app you will still be able to use classic scopes.

The following scopes are required for aggregation, provisioning, and deprovisioning:

user:read:admin
user:write:admin
account:read:admin
account:write:admin
group:read:admin
group:write:admin
meeting:read:admin
meeting:write:admin

The minimum requirements for scopes and their connector operations are as follows:

Connector Operation	Scope
User - Read + Write (Create, Update, Enable, Disable, Entitlement Assignment, and Removal)	user:write:admin
Group - Read + Write (Aggregation and Get Groups)	group:write:admin

Granular Scopes

Granular scopes enable developers to practice the principle of least privilege so that users can provide access to the minimal amount of information required by your app. Newly created apps use granular scopes, including new apps created using the new build flow. New apps can also set which scopes are required and which are optional.

The following scopes are required for aggregation, provisioning, and deprovisioning:

user:read:list_users:admin
user:read:user:admin
group:read:list_groups:admin
user:update:status:admin
user:write:user:admin
group:write:member:admin
group:delete:member:admin
user:update:password:admin
user:update:user:admin

The requirements for scopes and their connector operations are as follows:

Connector Operation	Scope
User - Read + Write (Create, Update, Enable, Disable, and Removal)	user:read:list_users:admin user:read:user:admin user:write:user:admin user:update:status:admin user:update:password:admin user:update:user:admin
Group - Read + Write (Aggregation, Add groups, Remove Groups)	group:read:list_groups:admin group:write:member:admin group:delete:member:admin

Connector Operation

Scope

User - Read + Write (Create, Update, Enable, Disable, and Removal)

user:read:list_users:admin

user:read:user:admin

user:write:user:admin

user:update:status:admin

user:update:password:admin

user:update:user:admin

Group - Read + Write (Aggregation, Add groups, Remove Groups)

group:read:list_groups:admin

group:write:member:admin

group:delete:member:admin

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Required Permissions

Classic Scopes

Granular Scopes

Documentation Feedback