Device Authorization - Zoom Use Cases

Tan Boon Jun — Fri, 27 Jan 2023 23:13:56 +0000

Introduction

In my Device Authorization article, I shared how to utilize this feature as well as how users can set up and execute simple testing. So what exactly are the potential use cases for users using Device Authorization rather than the conventional OAuth process? Let's explore them here.

Use Case 1 - Smart TV

Recall your login in experience the last time you logged in to your Youtube or Netflix account on your Smart TV. How was the login process user experience?

Imagine having to manually navigate to each of the characters of your email and password for a simple login process. For those with a secure combination of digits or even symbols, this entire sign-in process can be extremely frustrating.

We certainly do not want Zoom's user experience to be frustrating. This is where the magic of Device Authorization comes in. With this feature, a QR code is generated from Zoom's login page for users to scan. This allows users to utilize their Zoom account on their mobile device to grant access to your application with ease.

Use Case 2 - Automotive Touch Screen Display

The same use case above can also be applied to automotive touch screen display! Even with a touch screen keyboard function available, the user can simply scan the same QR code generated from Zoom's login page for application access for additional simplicity.

Use Case 3 - Smart Glasses / AR/VR

Users can face a frustrating challenge in use cases with no virtual or touch-screen keyboard. For example, when using smart glasses for augmented reality (AR) or virtual reality (AR). The Device Authorization Grant solves this!

Video on how can it be done on these use cases

Conclusion

The Device Authorization Grant helps your users easily access your application by removing the painful process of manual credentials and replacing it with Zoom’s simple log-in process. This streamlined log-in process minimizes frustrations and facilitates a positive long-in experience for your users.

Device Authorization - Zoom

Tan Boon Jun — Fri, 27 Jan 2023 23:12:46 +0000

Introduction

Zoom has recently introduced Device Authorization to better improve end user experience when authorizing apps to access Zoom user data on different devices. This also helps to establish a platform wide authorization and authentication workflow to support app access on devices for all Zoom products.

You can authorize with Zoom using the OAuth 2.0 Device Authorization Grant using a simply one-step process. This gives users, who are signed in with Zoom, the ability to authorize app access on another device without typing in the requested user code or needing to re-login to their Zoom account.

Prerequisite for Device Authorization setup

Users must have an existing private Zoom OAuth-capable application (such as Meeting SDK, OAuth, Zoom App and etc) in their Zoom Developer account.
Users will also need to reach out to Zoom's developer support in order to enable this feature and use within their private apps mentioned above.
Postman or other API platform of choice used for testing purposes.
QR code generator or other tools to further ease the authorize app access procedure (optional).

Steps to handle the OAuth 2.0 Device Authorization Grant

Sign in with your Zoom developer account credential at https://marketplace.zoom.us/.
Locate and access your Meeting SDK app by going to the "Manage" section

If you do not have an app at the moment, you can create a new one by going to "Develop", followed by "Build App" and then select the app type of your choice.
This article will use Meeting SDK as an example. Under the Feature tab, enable "Use App on Device"
Under App Credentials -> OAuth credential, save your Client ID and Secret as we will be using these for the next part.
Next, we will retrieve the device authorization information and the verification link. This article will use Postman with Basic Authorization to send a POST request with the client ID and secret to "https://zoom.us/oauth/devicecode"
With the above result, there are a few ways you can redirect user's device by either sending them
- "verification_uri" and "user_code" in another communication means such as email or SMS, Or
- "verification_uri_complete" which includes the user_code embedded inside TADA! There you have it! With the "verification_uri_complete" you can simply turn the link into a QR code for users to scan on their other device (w/ Zoom account signed in) and grant access to your application!

You can also visit our Zoom's Device Authorization Documentation here for more information on each of the request as well as response key and value.

Upon successful verification, users will be prompted to authorize the user of your application.
After clicking on allow, you will see a successful message (e.g. the one shown in the image below on the top right corner) and you can continue with your application.

What's next?

Polling Request for Access & Refresh Token

With the device code that we got previously and the same Basic Authorization used earlier, we can use it to retrieve the access and refresh tokens by calling POST to "https://zoom.us/oauth/token" with "grant_type" of "urn:ietf:params:oauth:grant-type:device_code" and "device_code" that you got from the previous API call.

With the access token, you can work wonders with the capabilities of Zoom's API such as creating a meeting, getting past meeting details and etc.

ZAK Token

In order to start an instant meeting on the user's behalf, we will need to retrieve their ZAK token. We can simply do this by using the access token we got previously and send a GET call to "https://api.zoom.us/v2/users/me/zak".

Potential Use Cases

Visit the next post to see what are the potential use case you can apply Device Authorization to.

Conclusion

With the introduction of the OAuth 2.0 Device Authorization Grant, we can easily authorize another device app access to Zoom easily with the already signed-in Zoom users and make things faster and easier for users!

Video Guide

Device Authorization - Full Setup

Forem: Tan Boon Jun

Device Authorization - Zoom Use Cases

Introduction

Use Case 1 - Smart TV

Use Case 2 - Automotive Touch Screen Display

Use Case 3 - Smart Glasses / AR/VR

Video on how can it be done on these use cases

Conclusion

Device Authorization - Zoom

Introduction

Prerequisite for Device Authorization setup

Steps to handle the OAuth 2.0 Device Authorization Grant

What's next?

Polling Request for Access & Refresh Token

ZAK Token

Potential Use Cases

Conclusion

Video Guide