Zoom
FortiCASB offers an API-based approach, pulling data directly from Zoom via RESTful API. Then FortiCASB portal accesses the data collected through API queries with OAuth2.0 authentication. Subsequently, FortiCASB combines these data to monitor and track Zoom user activities, provides DLP Data Analysis for files shared through Zoom.
Prerequisites
Make sure the Zoom account plan that will be used on FortiCASB is Pro, Business or Zoom United Pro. Free plan is not supported.
The Zoom account user to be added on FortiCASB must be the Account Owner.
Add Zoom Account
- Log into Zoom as the Account Owner. In the left control pane, navigate to ADMIN > User Management > Role Management.
- Select Admin Role, in Role Settings tab, make sure the settings below are checked:
User and Permission Management
- Users: View
- Role management: View
Chat Management
- Chat Channels: View
- Chat messages: View
- Return to left control pane, go to Advanced > App Marketplace to create an App on Zoom. On the top right hand side, click Develop drop down menu, and select Build App.
- Select OAuth app type and click Create.
- Enter an App name of your preference, choose Account-level app, and uncheck the option to publish the app on Zoom App Marketplace, and click Create.
- In App Credentials, keep a record of the Client ID and Client Secret. Enter one of the URL below based on your region in both Redirect URL for OAuth and Whitelist URL and click continue.
- For Global Region: https://www.forticasb.com/api/v1/oauth/redirect/Zoom
- For European Union Region: https://eu.forticasb.com/api/v1/oauth/redirect/Zoom
- In Basic Information, fill in Short Description, Long Description, and Company Name. In Developer Contact Information, fill in Name and E-Mail Address, then click Continue.(Note: the app cannot be created without filling out these information)
- In Add Feature, turn on Event Subscription, then click +Add new subscription, fill in a Subscription Name, and select All Users in the account.
- In Add Scopes page, click +Add Scopes to add scope, and add the following scopes and click Continue.
- Stop here on Zoom, there is no need to install the app. Now return back to FortiCASB > Add Zoom Account page and click Next Step.
- Fill in the Client ID, Client Secret, and the Verfication Token and click Add Account.
- You will be re-directed to Zoom OAuth authorization page to authorize sharing user information with FortiCASB. Click Authorize to be re-directed back to FortiCASB.
- The add account process is completed, please wait 15 minutes and check on the status of the account.
If not logged into Zoom yet, click Develop, and select View App Types.
Go back to FortiCASB > Add Zoom Account page, paste the client ID recorded earlier in the Client ID field, and click Generate to generate event notification endpoint URL. Copy the corresponding URL to the Event notification endpoint URL field on Zoom.
Click on Add Events on Zoom and add the event types below, and click Save to save the event notification.
| User | User Activity | Chat Channel | Chat Message |
|---|---|---|---|
| User has been created | User has signed in | Chat Channel Created | Chat Message Sent |
| User has been disassociated | User has signed out | Chat Channel Deleted | Chat Message Updated |
| User has been deleted | Member Removed | Chat Message Deleted | |
| User has been activated | Member Left | Chat Message Replied | |
| User has been deactivated | |||
| User has accepted the account invitation | |||
| User’s profile info has been updated |
After you clicked Save, the Verification Token will show up, keep a record of Verification Token for use later on FortiCASB, and click Continue.
| Scope Type | Scope |
|---|---|
| User | View all user information/user:read:admin |
| Chat |
View all users' chat channels/chat_channel:read:admin View all users' chat messages/chat_message:read:admin |
| Role | View all user roles/role:read:admin |
