Zoom
Zoom is an all-in-one intelligent collaboration platform that makes connecting easier, more immersive, and more dynamic for businesses and individuals. Zoom technology puts people at the center, enabling meaningful connections, facilitating modern collaboration, and driving human innovation through solutions like team chat, phone, meetings, omnichannel cloud contact center, smart recordings, whiteboard, and more, in one offering.
You can use AWS AppFabric for security to receive audit logs and user data from Zoom, normalize the data into Open Cybersecurity Schema Framework (OCSF) format, and output the data to an Amazon Simple Storage Service (Amazon S3) bucket or an Amazon Data Firehose stream.
AppFabric support for Zoom
AppFabric supports receiving user information and audit logs from Zoom.
Prerequisites
To use AppFabric to transfer audit logs from Zoom to supported destinations, you must meet the following requirements:
-
You must have a Zoom Pro, Business, Education, or Enterprise plan.
-
Your Zoom Admin role must have permission to create server-to-server OAuth applications. For information about enabling server-to-server OAuth applications, see the Enable permissions
section of the Server-to-Server OAuth page in the Zoom Developers Guide on the Zoom website. -
Your Zoom Admin role must have permission to view admin activity logs and sign in/sign out audit activity. For more information about enabling permission to view audit activity, see Using role management
and Using Admin Activity Logs on the Zoom Support website.
Rate limit considerations
Zoom imposes rate limits on the Zoom API. For more
information about Zoom API rate limits, see Rate limits
Data delay considerations
You might see an approximately 24-hour delay for an audit event to be delivered to your destination. This is due to delay in audit events made available by the application as well as due to precautions taken to reduce data loss.
Connecting AppFabric to your Zoom account
After you create your app bundle within the AppFabric service, then you must authorize AppFabric with Zoom. To find the information required to authorize Zoom with AppFabric, use the following steps.
Create a server-to-server OAuth application
AppFabric uses server-to-server OAuth with app credentials to integrate with
Zoom. To create a server-to-server OAuth application in
Zoom, follow the instructions in Create a
Server-to-Server OAuth app
Required scopes
You must add the following scopes to your Zoom server-to-server OAuth application:
-
user:read:admin -
report:read:admin
App authorizations
Tenant ID
AppFabric will request your tenant ID. The tenant ID in AppFabric is the Zoom account ID. To find your Zoom account ID, use the following steps:
-
Navigate to the Zoom marketplace.
-
Choose Manage.
-
Choose the server-to-server OAuth application that you use for AppFabric.
-
Enter the account ID from the App Credentials page into the Tenant ID field in AppFabric.
Tenant name
Enter a name that identifies this unique Zoom organization. AppFabric uses the tenant name to label the app authorizations and any ingestions created from the app authorization.
Client ID
AppFabric will request your client ID. To find your Zoom client ID, use the following steps:
-
Navigate to the Zoom marketplace.
-
Choose Manage.
-
Choose the server-to-server OAuth application that you use for AppFabric.
-
Enter the client ID from the App Credentials page into the Client ID field in AppFabric.
Client secret
AppFabric will request your client secret. To find your Zoom client secret, use the following steps:
-
Navigate to the Zoom marketplace.
-
Choose Manage.
-
Choose the server-to-server OAuth application that you use for AppFabric.
-
Enter the client secret from the App Credentials page into the Client secret field in AppFabric.
Audit log delivery
Zoom makes audit logs available by accessing the API every 24 hours. When viewing audit logs with AppFabric, the data that you see for Zoom is for the previous day’s activities.
