KiviCare supports two primary ways to authenticate with Zoom. Choosing the right one depends on your clinic’s business model.
1. OAuth 2.0 (The “Bring Your Own Account” Model)
- Best For: Multi-specialty clinics where each doctor pays for their own Zoom Pro account.
- How it Works: The admin sets up the “App Shell,” but each doctor clicks “Authorize” using their personal login.
- Who owns the meetings? Each individual doctor.
- Complexity: High for doctors (each must click a button), low for admins.
2. Server-to-Server OAuth (The “Enterprise” Model)
- Best For: Hospitals or large clinics that provide a central Zoom account for all staff.
- How it Works: The admin provides an Account ID. The plugin uses this to create meetings on behalf of any user in that Zoom account.
- Who owns the meetings? The Clinic Organization.
- Complexity: Low for doctors (instant setup), high for admins (requires account-level permissions).
📊 Comparison At-a-Glance
| Feature | OAuth 2.0 | S2S OAuth |
|---|---|---|
| User Setup | Required for each Dr. | Not required |
| App Type | User-managed | Account-managed |
| Personal Zoom Login | Needed | Not needed |
| HIPAA Compliance | Standard | High (BAA friendly) |