Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Custom Granular OAuth Application for Zoom

  1. Last updated
  2. Save as PDF

Zoom has introduced a new Custom Granular OAuth application, that empowers administrators to set granular permissions, allowing Skyhigh to monitor the events and perform DLP activities effectively.

Create and Configure Custom Granular OAuth Application for Zoom

To create a Custom Granular OAuth application for Zoom:

  1. Go to Zoom Marketplace
  2. Choose Develop > Build App.

    1.Build_App.png
     
  3. Select General App, and then click Create.

    2. Select_GeneralApp.png
     
  4. On the Basic Information page, select Admin-managed, and then click Save.

    3. Select_AdminManaged.png
     
  5. Under App Credentials, configure the following:
    • Client ID and Client Secret. Copy the Client ID and Client Secret. You must provide these details while enabling API access in Skyhigh CASB.
    • OAuth Redirect URL. Enter the URL in the following format:
 <https://Skyhigh_CASB_URL/shndash/extensions/OAuthCallbackController>
  1. Under OAuth Allow Lists, enter the same URL as OAuth Redirect URL.
  2. Click Continue.

    4. RedirectURL.png
     
  3. On the Access page, under Token, copy the Secret Token. You must provide the Secret Token while enabling API access in Skyhigh CASB.

    6. Access_Token.png

NOTE: If the secret token is not available for selection, click Generate.

Configure Scopes for Zoom

Use the Scopes tab to define the permissions based on which users can access Zoom resources, such as chat messages or user details.

To configure scopes for Zoom:

  1. Go to Scopes > Add Scopes.

    5. AddScope.png
     
  2. Select the following scopes and their associated permissions, then click Done.
  • meeting:read:participant:admin
  • meeting:read:chat_message:admin
  • meeting:update:live_meeting_chat_message:admin
  • team_chat:read:channel:admin
  • team_chat:read:list_user_channels:admin
  • team_chat:read:list_members:admin
  • team_chat:read:user_message:admin
  • team_chat:delete:member:admin
  • team_chat:write:user_message:admin
  • team_chat:update:user_message:admin
  • user:read:user:admin
  • user:read:list_users:admin

7. Scopes_CopyPaste.png

8. Scopes_Selected.png
 

After configuring the scopes for your Zoom instance, create a Zoom instance in Skyhigh CASB.

Enable Event Subscription

To receive Zoom event notifications, you must create an event subscription for Zoom and add Skyhigh CASB's webhook URL for your Zoom instance so that Skyhigh CASB can receive these notifications.

To receive Zoom event notifications:

  1. On the Access page, under General Features, turn ON the toggle button.

    9. Subscription_Toggle_On.png
     
  2. Under Event Subscriptions, configure the following, and then click Save: 
<webhook server domain name/zoom/16000/<tenantId>/<instanceId>
  • Event notification receiver. Select All users in your account.
  • Webhook server domain name. Contact Skyhigh Security Support for webhook server domain name based on your region.

    10. Even Subscription Fields_New.png

Now Skyhigh CASB's webhook URL receives Zoom event notifications.

Configure Event Types for Zoom

NOTES:

  • If you select Event types other than the event types listed above, Zoom does not process those events and Skyhigh CASB throws 500 Internal Server Error. Zoom also blocks sending events if you receive too many 500 Internal Server Errors.
  • All the event types are required except the Meeting event. To apply DLP for your Zoom in-meeting chat messages, see Prerequisites for In-Meeting Chat DLP Support

You can configure the event types for Zoom to specify the Zoom events based on which Skyhigh CASB receives Zoom event notifications. 

To configure event types for Zoom:

  1. On the Access page, under Events, click Add Events.

    17. Click_AddEvents.png
     
  2. Select the following Event types and their associated events, then click Done.

    11. Event_1.png

    12. Event_2.png

    13. Event_3.png

    15. Event_5.png

    16. Event_6.png

    10. Even Subscription Fields (1).png

After integrating Skyhigh CASB with Zoom, you can define DLP policies and attach them to your Zoom instance. For details, see DLP Collaboration Use Cases for Zoom.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.