Getting Started with the Zoom OAuth Integration
Note: Zoom is removing support for JWT integrations, and the FireHydrant JWT Zoom integration will be disabled on July 31st, 2023.
The Zoom OAuth integration option lets you configure Runbooks to spin up a Zoom conference bridge for your team to use during incidents.
- Developer privileges in Zoom and Owner privileges in FireHydrant are required to perform this step.
- We recommend using a generic service account rather than a named user.
To enable the Zoom OAuth integration, select Integrations from the lefthand navigation bar, and choose to install the Zoom OAuth integration. Click to Authorize the integration.
With the OAuth integration, FireHydrant will attempt to create the meeting bridge under the incident opener's email/ID. In order for FireHydrant to do this, users must individually go to their User Settings and link their Zoom accounts to their FireHydrant account:
- Head to the user's profile dropdown and click on Profile.
- On this page, scroll down to Your Linked Accounts and click on the "Link" button next to Zoom, and follow the instructions on the following screens.
When this is finished, FireHydrant will automatically create Zoom bridges with this user as the host if they open the incident. If this fails for any reason, FireHydrant will fall back to the Default Authorized User, which you can find in the Zoom integration settings.
Subsequently, we recommend considering Zoom's Concurrent Meeting licenses for your Default Authorized User in the off-chance multiple incidents/Zooms are kicked off under this user.
To avoid meeting conflicts, ensure that the Zoom account of the user who authorized the OAuth integration has the Personal Meeting ID scheduling option disabled. To disable it:
- As the user, sign in to Zoom
- Go to Settings
- Make sure Use Personal Meeting ID (PMI) when scheduling a meeting and Use Personal Meeting ID (PMI) when starting an instant meeting are both DISABLED.
If these settings are enabled, the same Zoom meeting ID will be used for each incident, causing collisions if more than one incident is in play at the same time.
You'll also want to allow users to join the meeting before the host as well as turn off the Waiting Room feature in Zoom. If you don't do this, your incident responders may be stuck waiting for the authorizer to join the meeting and admit them into the call.
If you've configured the above and are still having issues, or if you are not able to adjust the above settings, reach out to your Zoom admin. Zoom allows configuring tiered settings by group, which can lock individual user settings.
As of today, Zoom's API does not have breakout rooms capability, so FireHydrant has no way to programmatically set this from our side.
Users will need to manually configure and set up Breakout Rooms when they join the meeting.
Note: As mentioned in above documentation, FireHydrant will default to the host's settings, so if they have Breakout Rooms enabled, then the capability should be available once your responders have joined the meeting. If you're still not seeing this, check that there aren't org-level settings overriding your user-level settings in Zoom, and that you've linked your FireHydrant and Zoom accounts.
FireHydrant requests a passcode when making the API call to Zoom. However, it is up to the organization in Zoom's settings to actually enforce this. If you are finding some users can join incident bridges without a passcode:
- Check that there aren't organization-level rules that allow users to join meetings without passcodes in Zoom
- Check that there aren't individual users who have been allowed to bypass these passcode requirements in Zoom
The default behavior on FireHydrant is as follows:
- Use the user email/ID of the incident opener.
- Fallback to default authorized user if incident opener does not exist, or if FireHydrant cannot otherwise designate the opener as the Host.
Meetings on Zoom are always created under a specific host. This can sometimes cause issues, as Zoom by default only allows one (1) concurrent meeting per user on Free and Pro plans, and up to two (2) concurrent meetings on Business, Education, and Enterprise pricing plans, even if the host is themselves not in the meeting(s).
However, concurrent meeting licenses can be purchased through your Zoom rep. We recommend reaching out to them to learn more about your options as they offer licenses that can support anywhere from 3-4 up to 20 concurrent meetings on a single user account.
Once procured, the license will appear in your Zoom account. Your Zoom admin can apply it to the account running the Zoom bridge by following these instructions:
- Go to User Management > Users from the Zoom admin console
- Click Edit next to the account they want to apply the license to
- Select the checkbox next to "Concurrent Meeting"
Note: Owner privileges in FireHydrant are required to perform this step.
To remove the Zoom OAuth integration, select Integrations from the lefthand navigation bar, and choose to edit the Zoom OAuth integration. Click to Uninstall the integration.
- Once you've configured your Zoom integration, you can automate spinning up meeting bridges via a Runbook step.
If you encounter an error indicating that the Zoom meeting is waiting for the host, verify the following:
- That you are logged into your Zoom account
- That you've configured the waiting room settings above
- That there aren't any org-level settings overriding the individual authorized user settings
If you encounter an error about the host having another meeting in progress, verify:
- That the host of this meeting is the person who opened the incident
- If not, ensure that their email address in Zoom matches their email address in FireHydrant
- That you are on a Zoom pricing plan that allows for concurrent meetings