
🧩 One of 7 skills in the openai/plugins package — works on its own, and pairs well with its siblings.
This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.
Zoom OAuth
Use this skill for concrete Zoom authentication implementation and troubleshooting. Prefer setup-zoom-oauth for the first-pass setup plan, then return here for exact flows, scope behavior, refresh handling, and error diagnosis.
Workflow
- Identify the app type and actor: user-level OAuth, account-level OAuth, server-to-server OAuth where officially supported, SDK JWT, or Build-platform credentials.
- Confirm the target API, SDK, or app surface, because scopes and token audiences differ by surface.
- Choose the grant flow: authorization code with PKCE for public clients, authorization code for confidential web apps, device authorization where appropriate, or account credentials for supported account-level automation.
- Store refresh tokens as single-use values: persist the replacement refresh token returned by each refresh response before reusing the old one.
- Validate requests against redirect URI, account ID, scopes, app publication state, and token expiration before changing application code.
- For local development, keep access tokens out of logs and treat refresh tokens as single-use when rotating credentials.
References
- Full preserved guide: references/full-guide.md
- OAuth flows: concepts/oauth-flows.md
- Token lifecycle: concepts/token-lifecycle.md
- Scope architecture: concepts/scopes-architecture.md
- Granular scopes: references/granular-scopes.md
- OAuth errors: references/oauth-errors.md
- Redirect URI issues: troubleshooting/redirect-uri-issues.md
Copy & paste — that's it
npx skills add https://github.com/openai/plugins --skill zoom-oauthRun this in your project — your agent picks the skill up automatically.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.