Permissions Required for Zoom
Permissions Required for Zoom
When you grant access to the Zoom app instance, Netskope seeks consent for the following permissions from the Zoom account:
Table 21. Permissions Required by Netskope for Zoom
| Permissions required by Netskope | Description | Purpose | Trade-off if not allowed |
|---|---|---|---|
| account:read:admin | Read account metadata and its configuration. This scope allows an app to view details of a regular account as well as Sub Accounts that are associated with a Master Account, view account settings, account lock settings, managed domains and trusted domains of an account. | Allows Netskope to access the account settings of the Zoom organization. | Rules related to AccountSettings will fail, e.g. this account requires two factor authentication. |
| report:read:admin | This scope allows an app to view the operation logs of activity performed in a Zoom account. | Allows Netskope to check for any changes made to users in the Zoom account. | Any updates made to existing users or the addition of new users in the Zoom account will not be reflected in Netskope SSPM Inventory. Rules associated with Zoom users can not be evaluated for updated users. |
| role:read:admin | This scope allows an app to view the role information of all users in a Zoom account. | Allows Netskope to access role metadata of the users in the zoom account. | Role metadata will not be visible for zoom account users. Rules associated with role metadata can not be evaluated. |
| user:read:admin | Read user metadata.This scope allows an app to view user information of all users in a Zoom account. | Allows Netskope to access user metadata of the account that granted access to Netskope. | All rules will fail because the user metadata is required to populate properties that are relevant to all assets, such as asset_id, account_id, owner, asset name, user name. |
