Using Zoom App Marketplace authentication inside the custom script tool

Admins can leverage the Zoom App Marketplace authentication capability in the custom script tool to integrate with third-party applications while maintaining Zoom's robust security protocols and centralized credential management. This functionality allows admins to retrieve authentication tokens for Marketplace apps, enabling secure API calls without exposing sensitive credentials. By utilizing the Marketplace authentication framework, admins can expand integration capabilities beyond existing support channels and built-in tools to address a wide range of custom requirements while ensuring proper security compliance.

Requirements for using Zoom App Marketplace authentication inside the custom script tool

How to use the Zoom App Marketplace authentication inside the custom script tool

This functionality enables you to retrieve authentication tokens for subsequent API calls, extending capabilities beyond existing support channels or built-in tools to fulfill custom requirements.
  1. Create a custom script tool.
  2. In the JavaScript box, insert the following function:


// 1. Get authentication handle from marketplace
const authConnector = getMarketplaceConnector("my-auth-connector");

// 2. Prepare your API request
const apiRequest = {
  url: "https://api.example.com/data",
  method: "GET",
  headers: {
    "Content-Type": "application/json"
  },
  queryParams: {
    "filter": "active"
  }
};

// 3. Send request through marketplace authentication
const response = authConnector.sendRequest(apiRequest);

// 4. Process the response in your custom script
if (response.status === 200) {
  const data = JSON.parse(response.body);
  // Process data according to your business logic
} else {
  // Handle error cases
  console.log("API request failed:", response.status, response.body);
}
/*
/*
#### Supported built-in functions:

## Variable Get
var_get()[varname]; // to get a parameter with parameter name,varname is the parameter name
## type: string, the type of variable. Currently number,boolean,date are supported
var_get_with_type(varname, type);

## Http Requests:
req.get(url[, config]); req.delete(url[, config]); req.head(url[, config]); req.options(url[, config])
req.post(url[, data[, config]]); req.put(url[, data[, config]]); req.patch(url[, data[, config]])

## Logging
log.debug(string), log.info(string), log.warn(string), log.error(string)

## Return
return value; // return value to the caller. The value type only support object, here is an example:

return {
    "key": "value",
    "key2":"value2"
  }
*/


async function getAccessToken() {
  // 1. Get authentication handle from marketplace
  var res = zcx_builtin_functions.connector.get_auth("your-maketplace-app-id");
  return res;
}

async function invokeApi(token) {
  // 2. Prepare your API request
  const url = "https://your-service-domain/data";
  const config = {
    headers: {
      "Content-Type": "application/json",
      "Authorization": "Bearer " + token
    }
  };
  
  // 3. Send request through marketplace authentication
  const response = await req.get(url, config);

  // 4. Process the response in your custom script
  if (response.status !== 200) {
    throw new Error(`Request failed with status ${response.status}`);
  }
  return response.data;
}

async function main() {
  try {
    var token = await getAccessToken();
    var response = await invokeApi(token);
    var res = JSON.stringify(response);

    // 5. return the api response as an Object
    return {
      "res": res
    };

  } catch (error) {
    log.error("Error in main: " + error.message);
    throw error;
  }
}