# Create a Zoom App By creating a Zoom App, you are taking the first step to integrating with Zoom services such as [Zoom Apps APIs](https://appssdk.zoom.us/classes/ZoomSdk.ZoomSdk.html) and [Zoom Restful APIs](/docs/api). Zoom apps enable users to use your app within the Zoom client. Your app calls the APIs on behalf of the Zoom users who authorize and install your app. For a video walk-through, see [How to Create a Zoom App](https://www.youtube.com/watch?v=otlyDxnU-RI). --- ## Prerequisites - You have read [Key Concepts](/docs/platform/key-concepts/). - You have a Zoom account. - You are either the Zoom account owner, account admin, or have been assigned the **Zoom for developers** role. To enable the **Zoom for developers** role, log into the Zoom web portal as admin and go to **User Management** > **Roles** > **Role Settings** > **Advanced features**, and select the **View** and **Edit** checkboxes for **Zoom for developers**. ![](/img/UBF-role-prerequisite.png) For more information, see [Using role management](https://support.zoom.us/hc/en-us/articles/115001078646). --- ## Enable developer tools By default, developer tools are disabled in the Zoom Client. To enable them, set `webview.context.menu` to `true` before launching the Zoom Client. **Note:** You must restart the Zoom app. **On Windows**: Add the following to the `zoom.us.ini` file. This file is located in the `%appdata%/Zoom/data` directory. ```ini [ZoomChat] webview.context.menu=true ``` **On Mac** : ```ini defaults write ZoomChat webview.context.menu true ``` --- ## Process 1. Log into the Zoom Marketplace and select to build a general (OAuth) app. 2. Enter or update basic app information such as the app name, access type, and OAuth. 3. Select the Zoom products and features that the app works with. 4. Select the Zoom API methods (scopes) the app uses to interact with the Zoom platform. 5. Preview your app and test it with internal users. --- ## Step 1: Build a general app 1. Log onto the Zoom App Marketplace. 2. Click **Develop** > **Build App**. 3. Select **General app** and click **Create**. ## Step 2: Maintain basic information On the **Basic Info** page, add or update information about the app such as the app's name, how the app is managed, app credentials, and OAuth information. 1. Update your app's name. By default, the build flow generates a generic name for your app. To change your app's name, select the edit icon (pencil) and update the name. To save your changes, click anywhere outside of the app name field. ![](/img/UBF-app-name.png) 2. In the **Select how the app is managed** section, confirm how you want your app to be managed. > The app management type affects the features and scopes available to your app. If you change the app management type later on, make sure you reconfirm the selected features and scopes for your app. - **Admin-managed:** Account admins add and manage the app. Depending on the scope, the app can access and manage the user data of users on their account. - **User-managed:** Individual users add and manage the app. The app has access to only the user's authorized data. > Select user-managed if your app uses Guest Mode, Collaborate Mode, Personal Zoom Room, or Zoom on mobile. 3. **App Credentials** - The build flow automatically generates app credentials (client ID & client secret) for your app. App credentials for development differ from app credentials for production. - Use development credentials while you are building and testing your app. - Use production credentials once you are ready to publish your app on the Marketplace. 4. In the **OAuth Information** section, set up OAuth for your app. - **OAuth redirect URL (required)**: Enter your development redirect URL or endpoint to set up OAuth between your app and Zoom. - **Use Strict Mode URL (optional)**: Allow only the redirects that exactly match the valid OAuth redirect URLs. - **Subdomain check (optional)**: Only allow the redirects that exactly match the subdomain of the valid OAuth redirect URLs. - **OAuth allow lists (required)**: Add any unique URLs that Zoom should allow as valid redirects for your OAuth flows. This additional security measure ensures that users are only redirected to the pre-approved endpoints you provided. Include either the complete URL (https://subdomain.domain.tld/path/to/oauth/callback) or the base URL without the path and/or query parameters (https://subdomain.domain.tld). ## Step 3: Select Zoom products and features On the **Features** page, go to the **Surface** tab. 1. In the **Select where to use your app** section, select the Zoom products your app works in. ![](/img/UBF-select-product2.png) **Note**: The app management type affects which products are selectable. For more information, see [Admin-managed apps](/docs/build-flow/create-oauth-apps/#admin-managed-apps) and [User-managed Apps](/docs/build-flow/create-oauth-apps/#user-managed-apps). 2. Enter the **Home URL** domain for your product. The Home URL enables you to run a web browser inside the Zoom client and display the Home URL domain inside the in-client web browser. > You must have the required [OWASP response headers](/docs/zoom-apps/security/owasp/) in your Home URL. 1. In the **Domain Allow List**, add URLs to be accepted by the Zoom client. 2. In the **In-client app features** section, select the Zoom features available to your app users in the Zoom client. The availability of the features depends on the selected Zoom products and your app's management type. For more information, see [In-client app features](/docs/build-flow/create-oauth-apps/#select-in-client-app-features). 3. By default, Zoom apps work in the Zoom Client for desktop. In the **Zoom Client Support** section, you can select additional Zoom clients your app works in: - [Mobile](/docs/zoom-apps/guides/mobile/) - [Zoom Rooms](/docs/rooms/za/za-szr/) ## Step 4: Select scopes (API methods) Scopes define the API endpoints and methods that your app is allowed to use in order to access specified resources for your users. This defines which information and capabilities are available to your user. On the **Scopes** page, select the Zoom API methods your app is allowed to call. 1. Select **Add Scopes**. 2. Select the Zoom product and check the desired scopes, then select **Done**. There are two scopes specific to Zoom Apps: 1. `zoomapp:inmeeting` to make the app available in Meetings. 2. `zoomapp:inwebinar` to make the app availble in Webinars. For more information about scopes, see [OAuth scopes](/docs/internal-apps/oauth-scopes/). 3. In the **Scope Description** field, explain how the requested scope is necessary for your app. > When you add a scope, you are actually submitting a request to the Zoom Security Review team to allow your app to access specific Zoom API endpoints. A key principle in Zoom security practice is minimal access. If the Zoom Security Review team determines the requested scope is not necessary for your app, they may reject the scope request. --- ## Step 5: Test and preview your app On the **Local Test** page, add and preview your app and share it with internal users. **To add** the app for your own account, select **Add App Now** and then **Allow**. **To see** a summary of your app's details and a preview of your app's listing page on the Zoom App Marketplace, select **Preview Your App Listing Page**. > For security reasons, we limit the sharing of beta apps. We don't allow beta apps to be published to the Zoom Marketplace, and we allow beta app access only to members of the developer's Zoom account. To share your app with other users on your account, go to the **Authorization URL** section, and select **Generate** and then **Copy**. --- ## Resources - [Sample Reference Zoom Apps](/docs/zoom-apps/reference-apps) - [Create a general app](/docs/build-flow/create-oauth-apps/) - [Submit apps for review](/docs/build-flow/submitting-apps-for-review/) - [Publish your apps](docs/distribute/app-submission/submit-apps-review/)