{"id":3113,"date":"2026-04-01T10:05:28","date_gmt":"2026-04-01T10:05:28","guid":{"rendered":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/?p=3113"},"modified":"2026-04-01T10:31:08","modified_gmt":"2026-04-01T10:31:08","slug":"publishing-your-zoom-oauth-app","status":"publish","type":"post","link":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/kivicare-telemed-addon\/documentation\/zoom-marketplace-readiness\/publishing-your-zoom-oauth-app\/","title":{"rendered":"Publishing Your Zoom OAuth App"},"content":{"rendered":"<div class=\"nolwrap\">\n<p>This comprehensive guide will walk you through the exact steps required to create, configure, and submit a Zoom OAuth (General) application for the KiviCare Telemedicine Addon. Following these steps ensures your app meets Zoom&#8217;s security and functional requirements for production use.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Step 1: Initial App Creation<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Navigate to the <a href=\"https:\/\/marketplace.zoom.us\/\" target=\"_blank\" rel=\"noopener\">Zoom App Marketplace<\/a> and log in.<\/li>\n\n\n\n<li>In the upper right corner, click on the <strong>Develop<\/strong> dropdown menu and select <strong>Build App<\/strong>.<\/li>\n\n\n\n<li>Choose the <strong>General App<\/strong> option and click <strong>Create<\/strong>.<\/li>\n\n\n\n<li>At the top center of the screen, ensure you toggle from &#8220;Development&#8221; to the <strong>Production<\/strong> tab.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Step 2: Basic Configuration<\/h2>\n\n\n\n<p>Navigate to the <strong>Basic Information<\/strong> section in the left sidebar and fill in the details:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Developer Contact Information:<\/strong> Enter your Name and Email address.<\/li>\n\n\n\n<li><strong>Select how the app is managed:<\/strong> Select the <strong>User-managed<\/strong> option.<\/li>\n\n\n\n<li><strong>App Credentials:<\/strong> Copy the <strong>Client ID<\/strong> and <strong>Client Secret<\/strong>. Save these securely, as you will need to paste them into your kivicare admin dashboard -&gt; Settings -&gt; Integration -&gt; Zoom Telemed -&gt; Zoom OAuth Configuration.<\/li>\n\n\n\n<li><strong>OAuth Information:<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>In the <strong>OAuth Redirect URL<\/strong> field, paste the redirect URL found in your KiviCare Admin Dashboard <em>(Settings -&gt; Integration -&gt; Zoom Telemed -&gt; Zoom OAuth Configuration -&gt; Redirect URL)<\/em>.<\/li>\n\n\n\n<li>Check the box for <strong>&#8220;Use Strict Mode for Redirect URLs&#8221;<\/strong>.<\/li>\n\n\n\n<li>In the <strong>OAuth Allow Lists<\/strong> field, enter the exact same URL you used for the OAuth Redirect URL.<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Click <strong>Continue<\/strong>.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Step 3: Access, Surface, Embed, Connect, &amp; Custom Form<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You do not need to configure anything in these five sections. Simply click <strong>Continue<\/strong> at the bottom of each page until you reach the &#8220;Scopes&#8221; section.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 4: Scopes<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Click on <strong>+ Add Scopes<\/strong>.<\/li>\n\n\n\n<li>Search for and select the following 5 scopes:<\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>meeting:write:meeting<\/code><\/li>\n\n\n\n<li><code>meeting:delete:meeting<\/code><\/li>\n\n\n\n<li><code>meeting:update:meeting<\/code><\/li>\n\n\n\n<li><code>meeting:read:meeting<\/code><\/li>\n\n\n\n<li><code>user:read:user<\/code><\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Click <strong>Continue<\/strong>.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Step 5: Actions<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do nothing in this section. Click <strong>Continue<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 6: App Listing<\/h2>\n\n\n\n<p>This section defines how your app appears. Fill out the three sub-sections as follows:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. App Information<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>App Icon:<\/strong> Upload your app icon.<\/li>\n\n\n\n<li><strong>App Name &amp; Company Name:<\/strong> Enter your desired application and company names.<\/li>\n\n\n\n<li><strong>Short Description:<\/strong> Paste the following text:<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>Automate Zoom meeting creation for virtual appointments directly from the KiviCare Clinic Management dashboard.<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Long Description:<\/strong> Paste the following text:<br><em>The KiviCare Telemedicine integration bridges the gap between your physical clinic and the digital world. By integrating Zoom directly into the KiviCare workflow, it allows healthcare providers to offer high-quality virtual consultations without leaving their dashboard.<\/em><\/li>\n<\/ul>\n\n\n\n<p><em>Key Features:<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><em>Automated Provisioning: Zero-click meeting creation. When a tele-medical appointment is scheduled, the system automatically creates a secure Zoom meeting.<\/em><\/li>\n\n\n\n<li><em>Dynamic Link Distribution: Automatically generates and stores unique Start URLs for Doctors and Join URLs for Patients.<\/em><\/li>\n\n\n\n<li><em>Secure: Enforces Waiting Rooms and unique passwords for every meeting to prevent unauthorized access.<\/em><\/li>\n\n\n\n<li><em>Multi-Doctor Support: Supports individual OAuth connections for clinics with multiple independent practitioners.<\/em><\/li>\n\n\n\n<li><strong>Cover Image:<\/strong> Upload a relevant cover image banner.<\/li>\n\n\n\n<li><strong>App Gallery:<\/strong> Upload 4 screenshots demonstrating the integration.<br>You can download and use these pre-made reference screenshots for your app gallery:<br>1) <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Screenshot-1.jpg\" target=\"_blank\" rel=\"noreferrer noopener\">image-1<\/a> 2) <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Screenshot-2.jpg\" target=\"_blank\" rel=\"noreferrer noopener\">image-2<\/a> 3) <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Screenshot-3.jpg\" target=\"_blank\" rel=\"noreferrer noopener\">image-3<\/a> 4) <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Screenshot-4.jpg\" target=\"_blank\" rel=\"noreferrer noopener\">image-4<\/a><\/li>\n\n\n\n<li><strong>Adding Your App:<\/strong> Select <strong>&#8220;From your site&#8221;<\/strong>.<\/li>\n\n\n\n<li><strong>Direct Landing URL:<\/strong> Enter your doctor dashboard Zoom settings URL. Format: <code>{baseurl}\/kivicare-doctor-dashboard\/setting\/zoom-configuration<\/code> (You can easily copy this by logging into your Doctor Dashboard -&gt; Settings -&gt; Integration -&gt; Zoom telemed setting).<\/li>\n\n\n\n<li><strong>Other Marketplaces:<\/strong> For &#8220;Do you list this application on other app marketplaces or stores?&#8221;, select <strong>No<\/strong>.<\/li>\n\n\n\n<li><strong>Categorize Your App:<\/strong><\/li>\n\n\n\n<li>Marketplace Category: Select <strong>&#8220;Health and Wellness&#8221;<\/strong> and <strong>&#8220;Scheduling&#8221;<\/strong>.<\/li>\n\n\n\n<li>Industry Vertical: Select <strong>&#8220;Healthcare&#8221;<\/strong>.<\/li>\n<\/ul>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">2. Links &amp; Support<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Provide valid URLs for your <strong>Privacy Policy<\/strong>, <strong>Terms of Use<\/strong>, <strong>Support<\/strong>, and <strong>Documentation<\/strong>. <em>(Ensure these pages exist on your live website).<\/em><br><em>You can use these pre-written content templates as a reference for your own pages:<\/em><br><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/privacy-policy\/\" target=\"_blank\" rel=\"noreferrer noopener\">privacy-policy<\/a>, <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/terms-of-use\/\" target=\"_blank\" rel=\"noreferrer noopener\">terms-of-use<\/a>, <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/contact-us\/\" target=\"_blank\" rel=\"noreferrer noopener\">contact-us<\/a>, <a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/zoom-integration-guide\/\" target=\"_blank\" rel=\"noreferrer noopener\">zoom-integration-guide<\/a><\/li>\n\n\n\n<li><strong>Crucial:<\/strong> Check the box that says: <em>&#8220;This page includes language informing users of their data subject rights and how to exercise them.&#8221;<\/em><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. EU &amp; Discoverability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Scroll down to <strong>App discoverability<\/strong>.<\/li>\n\n\n\n<li>Select the <strong>&#8220;Set my app as Unlisted&#8221;<\/strong> option.<\/li>\n\n\n\n<li>Click <strong>Continue<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 7: Monetization<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do nothing in this section. Click <strong>Continue<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 8: Technical Design<\/h2>\n\n\n\n<p>This section requires specific text and documents to pass Zoom&#8217;s security review.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Overview Tab<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Technology Stack:<\/strong> Copy and paste the following text:<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>The application is a WordPress plugin built on PHP (compatible with 8.0+) running within the WordPress CMS environment.<\/em><br><em>1. Backend &amp; Networking: It utilizes the WordPress HTTP API (WP_Http class) to perform RESTful requests to the Zoom Meeting API v2. It uses standard cURL\/Streams for data transport over TLS 1.2+.<\/em><br><em>2. Database: Data persistence is handled via MySQL\/MariaDB. It creates a custom table (wp_kc_appointment_zoom_mappings) to store non-sensitive meeting metadata (Meeting IDs, UUIDs, Join URLs). OAuth tokens and configuration secrets are stored in the WordPress wp_usermeta and wp_options tables.<\/em><br><em>3. Authentication: The app implements standard OAuth 2.0 for individual doctor authorization and Server-to-Server OAuth for clinic-wide management. Token lifecycle (exchange, refresh, and revocation) is managed internally by the plugin.<\/em><br><em>4. Frontend: The user interface (Doctor Dashboard and Settings) is built using React.js, which communicates with the PHP backend via custom endpoints extending the WordPress REST API.<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Architecture Diagram:<\/strong> Upload the <code><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Architecture-Diagram.png\" target=\"_blank\" rel=\"noreferrer noopener\">architecture_diagram.png<\/a><\/code> file.<\/li>\n<\/ul>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">2. Application Development<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Secure software development process (SSDLC)?<\/strong> Select <strong>Yes<\/strong> and upload <code><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/SSDLC_Policy.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">SSDLC_policy.pdf<\/a><\/code>.<\/li>\n\n\n\n<li><strong>Undergo SAST and\/or DAST?<\/strong> Select <strong>Yes<\/strong> and upload <code><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Security_Testing_Report.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">security_testing_report.pdf<\/a><\/code>.<\/li>\n\n\n\n<li><strong>3rd Party Application penetration testing?<\/strong> Select <strong>Yes<\/strong> and upload <code><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/Penetration_Testing_Summary.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Penetration_Testing_Summary.pdf<\/a><\/code>.<\/li>\n\n\n\n<li><strong>Additional Documents (Recommended):<\/strong> Upload <code><a href=\"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-content\/uploads\/sites\/18\/2026\/04\/KiviCare_Security_and_Privacy_Policies.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">KiviCare_Security_and_Privacy_Policies.pdf<\/a><\/code>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. Security Section<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Answer <strong>Yes<\/strong> to all 3 questions.<\/li>\n\n\n\n<li>In the text box asking to <em>\u201cProvide details on how this data is protected \u2018at rest\u2019\u201d<\/em>, paste the following:<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>Protection Mechanism:<\/em><br><em>1) Storage Location: Zoom OAuth Access and Refresh tokens are stored within the WordPress database (wp_usermeta table) linked to the specific Doctor&#8217;s user ID.<\/em><br><em>2) Encryption: We rely on database-level encryption (TDE) where available on the host server. Access to this table is strictly restricted to authenticated WordPress Administrators via Role-Based Access Control (RBAC).<\/em><br><em>3) Lifecycle: Tokens are automatically purged from the database immediately upon the user initiating the &#8216;Disconnect&#8217; action from the application dashboard.<\/em><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Click <strong>Continue<\/strong>.<\/li>\n<\/ul>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Step 9: Beta Test<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Click the <strong>Add App<\/strong> button to test the configuration, then click <strong>Continue<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 10: App Submission<\/h2>\n\n\n\n<p>Finalize your submission for the Zoom review team:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Release notes for the app reviewer:<\/strong> Copy and paste the following exactly:<\/li>\n<\/ol>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>App Description:<\/em><br><em>KiviCare Telemedicine is an integration for our clinic management system. It allows doctors to link their Zoom accounts to automatically generate meeting links for patient appointments.<\/em><\/p>\n\n\n\n<p><em>Testing Instructions (Crucial):<\/em><br><em>Please DO NOT click the &#8220;Add App&#8221; button inside the Zoom Marketplace, as it will fail (our security logic requires a Doctor ID state parameter).<\/em><\/p>\n\n\n\n<p><em>Instead, please follow these steps:<\/em><br><em>1) Go to the Login page URL provided below.<\/em><br><em>2) Log in using the Test Account credentials provided below.<\/em><br><em>3) You will be redirected to the Doctor Dashboard.<\/em><br><em>4) Go to Settings &gt; Zoom Telemed setting.<\/em><br><em>5) Click the &#8220;Connect to Zoom&#8221; button.<\/em><br><em>6) This will launch the OAuth flow. Click &#8220;Allow&#8221; to see the &#8220;Connected&#8221; success state.<\/em><\/p>\n<\/blockquote>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>App Activation:<\/strong> Select the <strong>&#8220;Activate my app immediately after it is approved&#8221;<\/strong> option.<\/li>\n\n\n\n<li><strong>Test account and credentials:<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Select <strong>&#8220;Login page URL&#8221;<\/strong>.<\/li>\n\n\n\n<li>Enter the login URL for your WordPress site.<\/li>\n\n\n\n<li>Provide the Username and Password for a user with the <strong>Doctor<\/strong> role so the reviewer can test the connection.<\/li>\n<\/ul>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>Submit:<\/strong> Check the <strong>Marketplace Developer Agreement<\/strong> box and click <strong>Submit<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>You will receive an email from the Zoom Marketplace team once your app has been reviewed and approved!<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>This comprehensive guide will walk you through the exact steps required to create, configure, and submit a Zoom OAuth (General) application for the KiviCare Telemedicine Addon. Following these steps ensures your app meets Zoom&#8217;s security and functional requirements for production use. Step 1: Initial App Creation Step 2: Basic Configuration Navigate to the Basic Information [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":0,"parent":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-3113","post","type-post","status-publish","format-standard","hentry","category-zoom-marketplace-readiness"],"featured_image_src":null,"author_info":{"display_name":"wordpressadminiq","author_link":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/author\/wordpressadminiq\/"},"_links":{"self":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/3113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/comments?post=3113"}],"version-history":[{"count":6,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/3113\/revisions"}],"predecessor-version":[{"id":3124,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/3113\/revisions\/3124"}],"wp:attachment":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/media?parent=3113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/categories?post=3113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/tags?post=3113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}