Zoom Integration

OneThing CRM integrates with Zoom to let real estate agents schedule meetings, place phone calls, and auto-log call activity without leaving the CRM. The integration covers two Zoom products:

• Zoom Meetings — agents create scheduled Zoom meetings directly from CRM activities (showings, listing presentations, buyer consultations).
• Zoom Phone — click-to-call from any contact or lead, auto-logged call history, inbound call pop-ups, voicemail transcription, and call recording playback.

Both features are delivered through a single Zoom OAuth app. Each end-user (an agent or broker) authorizes OneThing with their own Zoom account. Authorization is revocable at any time.

Meetings

• When an agent schedules a CRM activity of type “Meeting” and generates a Zoom link, OneThing calls the Zoom API to create a scheduled meeting on that agent's Zoom account.
• The meeting ID and join URL are saved on the CRM activity and shared with the invited contact.
• OneThing never joins meetings, never accesses meeting recordings, transcripts, or participants, and never modifies meetings that were not created through OneThing.

Phone — outbound calls

• When an agent clicks the phone icon on a contact, lead, or deal, OneThing launches the Zoom desktop or mobile app using the zoomphonecall:// URI scheme with the target number pre-filled. The actual call is placed entirely by the Zoom client — OneThing does not intermediate voice traffic.
• Because the call is placed from within the Zoom app, the End Call control lives in the Zoom client, not in OneThing. The End Call button in the CRM banner is intentionally hidden for Zoom Phone calls.

Phone — inbound calls

• When the agent's Zoom Phone number receives an inbound call, Zoom sends a webhook event to OneThing. The CRM surfaces a pop-up showing the caller's number and matches it against the agent's contacts, leads, and deals.
• The agent answers the call in their Zoom app. Call state transitions (ringing, connected, ended) update the CRM banner in real time via Zoom webhooks.

Phone — call logging and recordings

• When a call ends, OneThing receives a call ended webhook and creates a Call Activity on the matched contact or lead, capturing direction, duration, timestamp, and counterpart number.
• If call recording is enabled in the agent's Zoom account settings, OneThing stores a reference to the recording so the agent can play it back inside the CRM. OneThing does not re-host or download the recording audio — playback is streamed from Zoom's recording API using a short-lived URL.

Phone — voicemail transcription

• When a caller leaves voicemail, OneThing receives a voicemail received webhook. The CRM downloads the voicemail audio from Zoom, sends it to OpenAI's Whisper API for transcription, and stores the resulting transcript alongside the Call Activity.
• Voicemail audio sent to OpenAI is not used to train OpenAI models, per OpenAI's API data-usage policy.

OneThing requests the minimum OAuth scopes needed to deliver the features above. Every scope has a specific purpose.

User scope

• user:read:user — identify the connected Zoom user after OAuth (email, user id) so OneThing can link the Zoom account to the correct OneThing user.

Meeting scope

• meeting:write:meeting — create scheduled Zoom meetings on the agent's behalf when the agent generates a meeting link from a CRM activity. We do not read existing meetings and we do not modify meetings created outside OneThing.

Phone scopes

• phone:read:user — retrieve the agent's Zoom Phone user id and assigned phone number so the CRM can match inbound caller numbers to the correct agent.
• phone:read:list_call_logs — fetch the agent's recent Zoom Phone call history when they first connect, so the CRM can back-fill missing call activities.
• phone:read:list_recordings — list recordings linked to a call so the agent can select one to play in the CRM.
• phone:read:call_recording — stream a specific recording for playback inside the CRM call activity. We do not copy the recording to OneThing storage.
• phone:read:voicemail — download voicemail audio for Whisper transcription. Audio is processed and discarded after transcription completes; only the transcript is retained.
• phone:read:list_voicemails — list the agent's voicemails so the CRM can surface them in the call activity view.
• phone:write:user_call_command — issue call commands (end call, etc.) from the CRM when the adapter supports them. Not currently exercised — Zoom Phone outbound calls use the zoomphonecall:// URI handoff, so the Zoom client handles call control.

OneThing does not request and does not use: meeting:read:meeting, recording:* (meeting-side recordings), phone:write:call_recording, phone:write:sms, or any scope granting access to another user's data.

1. Sign in to OneThing CRM at 1thing.ca.
2. Open Settings → Calendar in the left sidebar.
3. Scroll to the Zoom card and click Connect Zoom.
4. You'll be redirected to Zoom's authorization screen. Review the permissions OneThing is requesting and click Allow.
5. Zoom will redirect you back to OneThing with a confirmation banner: “Zoom connected successfully.” The Zoom card on the Calendar settings page now shows your email and a Disconnect button.

Note: during pilot, OneThing's Zoom app is in unlisted mode. Your Zoom admin email must be added to our allow list before you can complete the consent screen. If you see “app not approved for your account,” contact support@1thing.ca and we'll add you within one business day.

You can disconnect Zoom at any time. Disconnecting revokes OneThing's access tokens on the Zoom side and deletes them from our database immediately. Webhook events for your account will stop being processed.

1. Go to Settings → Calendar in OneThing.
2. Click Disconnect on the Zoom card.

You can also revoke access directly in Zoom. Go to Zoom App Marketplace → Installed Apps, find OneThing CRM, and click Remove. OneThing detects the revocation on the next API call and clears the stale tokens from our database within 24 hours.

After disconnection, previously created Zoom meetings and previously logged call activities remain in your CRM for your records. They are your data; we do not delete them unless you explicitly request deletion.

The authoritative description of what OneThing stores, for how long, and with whom we share it lives in our Privacy Policy. A short summary for Zoom-specific data:

• OAuth tokens — stored encrypted in our Supabase-hosted database. Deleted on disconnect.
• Meeting metadata (meeting id, join url, start time, duration) — stored alongside the CRM activity that created it.
• Call metadata (direction, from/to numbers, duration, timestamps) — stored as a Call Activity in the CRM.
• Recording audio — not stored in OneThing. We store a Zoom-hosted reference URL and stream playback directly from Zoom.
• Voicemail audio — downloaded briefly to process for transcription, then discarded. Only the transcript is retained.
• Voicemail transcripts — generated by OpenAI Whisper (OpenAI API, not used for training) and stored on the Call Activity.
• Webhook payloads — processed to update call state; not retained as raw logs beyond transient server logs (30-day retention in Vercel function logs).

“This app is not approved for your Zoom account”

During the pilot phase, your Zoom admin email must be on OneThing's allow list. Email support@1thing.ca with the email address you use to sign in to Zoom. We'll add you within one business day.

“Failed to connect Zoom” after clicking Allow

This usually indicates a transient OAuth redirect issue. Retry once from Settings → Calendar. If it persists, try revoking OneThing in Zoom App Marketplace → Installed Apps and re-connecting from OneThing. If the error keeps happening, email support with the time of the attempt so we can check server logs.

Clicking the phone icon does nothing

The Zoom desktop app must be installed and running on the same machine as your browser. The zoomphonecall:// URI scheme only resolves if the Zoom client is installed. On iOS or Android, the mobile Zoom app must be installed.

Inbound calls aren't creating pop-ups

Three things must be true: (1) your Zoom account must be connected in OneThing (Settings → Calendar shows Connected), (2) Zoom's webhook configuration must be validated on our side — the Zoom Marketplace app shows the event subscription as active, and (3) the inbound call must reach your personal Zoom Phone number (not a shared line). If (1) and (3) are fine, contact support — webhook validation issues are diagnosable from our server logs.

Voicemail transcription never appears

Transcription typically completes within two minutes of the voicemail being left. If more than 10 minutes have passed, contact support with the call time and the voicemail sender number. The most common cause is a transient OpenAI API error, which we retry automatically up to three times.

I want to revoke access immediately

The fastest path is to uninstall OneThing from Zoom App Marketplace. Zoom revokes our tokens immediately on its side. OneThing detects the revocation on the next API call and clears stale tokens from our database. This is faster than disconnecting from within OneThing if you've lost access to your OneThing account.

Email support@1thing.ca for any question about the Zoom integration. We respond within four business hours, typically sooner. For data access, data deletion, or privacy requests specifically, email privacy@1thing.ca — we reply within 30 days as required by PIPEDA.