Bot Authentication
By default, Skribby bots join meetings as Guests. However, many organizations block guest access for security. To bypass these restrictions, you must authenticate your bot as a real user.
Authentication Methods
| Method | Platforms | Description |
|---|---|---|
| Authenticated Accounts | Google Meet, MS Teams | Link a real account (email/password) via the Skribby Dashboard. |
| ZAK Tokens | Zoom | Provide a short-lived token generated via the Zoom API. |
Google Meet & Microsoft Teams
For these platforms, you manage accounts directly in the Skribby Dashboard.
Adding an Account
- Navigate to Settings → Authenticated Accounts
- Click Add Account
- Select the service (Google Meet or Microsoft Teams)
- Enter the account email and password
- Save and copy the
account_id
Using in API Requests
{
"authentication": {
"account_id": "uuid-here",
"always_authenticate": true
}
}
💡 Guest-First Logic: By default, bots try to join as guests first (to use your custom
bot_name). If the meeting requires login, it then uses the account. Setalways_authenticate: trueto skip the guest attempt.
Provider Requirements
Google Meet
| Requirement | Details |
|---|---|
| Account Type | Google Workspace or personal Gmail |
| MFA | Must be disabled |
| App Passwords | Not supported; use the main account password |
| Workspace Restrictions | Account must be in the same Workspace as meetings |
Microsoft Teams
| Requirement | Details |
|---|---|
| Account Type | Microsoft 365 account |
| MFA | Must be disabled |
| License | Needs Teams access (most M365 plans include this) |
| Tenant Restrictions | Account must be in the same tenant as meetings |
💡 Dedicated Accounts: We recommend creating dedicated service accounts (e.g.,
[email protected]) rather than using personal accounts.
Zoom (ZAK Tokens)
Zoom authentication is ephemeral. You must generate a ZAK Token via the Zoom API for the specific user the bot should represent.
Skribby's production Zoom bot authentication currently supports ZAK pass-through only. It does not provide production OBF support, and you should not send an OBF token in place of zoom_zak_token.
How to get a ZAK Token
- Prerequisites: You need a Zoom Server-to-Server OAuth app.
- Step 1: Get User ID: Call
GET /usersto find theidoremailof the user. - Step 2: Generate Token: Call
GET /users/{userId}/token?type=zak. - Step 3: Skribby Integration: Pass the returned
tokenstring to Skribby.
{
"authentication": {
"zoom_zak_token": "zak-token-string"
}
}
⚠️ Expiration: ZAK tokens are typically valid for 90 days, but we recommend generating a fresh one before creating a bot.
Zoom OAuth Scope Workaround
ZAK tokens generated with the granular user:read:zak scope can cause Zoom joins to remain in joining and eventually fail as not_admitted.
While this Zoom compatibility issue exists, use the classic Zoom OAuth scopes available from the Zoom Marketplace app defaults, such as user:read and meeting:read, when generating ZAK tokens. Avoid explicitly forcing a granular scope= value that includes user:read:zak.
This is a ZAK compatibility workaround, not OBF support.
Why Skribby Does Not Use OBF for Production Zoom Bots
Zoom's OBF model is designed for the Zoom Meeting SDK join flow. Skribby's current Zoom bot joins through Zoom's hosted web client with a ZAK token; it does not generate a Meeting SDK JWT or call the Meeting SDK join API.
OBF is not a good fit for autonomous recording bots because it requires a user-authorized OBF token, the associated Zoom user must already be present in the meeting, and the SDK app's meeting lifecycle is tied to that user's presence. That conflicts with scheduled bot joins, lobby waiting before the requester arrives, and continued recording if the requester leaves.
Important Constraints
- Disable MFA: Multi-Factor Authentication must be disabled on all service accounts. Our bots cannot solve 2FA prompts during the login flow.
- Bot Naming: When authenticated, the bot appears with the account name. The
bot_nameparameter is ignored once authentication is active. - Account Merging: If you send two bots using the same account into the same meeting, the platform merges them into a single participant. Use different accounts for multi-bot scenarios.
- Zoom OBF: OBF is not supported for production Zoom bot authentication. Use
authentication.zoom_zak_tokenfor Zoom ZAK pass-through.
Troubleshooting
| Issue | Cause | Resolution |
|---|---|---|
Bot stuck at auth_required | Meeting requires login, no account provided | Add authentication.account_id to your request |
| Login fails immediately | Wrong password or MFA re-enabled | Verify credentials, check MFA is disabled |
| Bot appears as guest despite auth | Guest attempt succeeded first | Set always_authenticate: true |
| Works for some meetings, not others | Different org/tenant requirements | Verify account is in the same org as meeting |
Zoom bot stays in joining, then fails as not_admitted | ZAK token generated with granular user:read:zak scope | Use classic Zoom OAuth scopes such as user:read and meeting:read; do not force granular scope=user:read:zak while this compatibility issue exists |