cancel
Showing results for 
Search instead for 
Did you mean: 

Oauth2.0 Application submit

jimy_sancho
Newcomer
Newcomer

Hi everyone! 

 

I am trying to submit an oauth2.0 application. In order to do so, there are some requirements that need to be uploaded on the app: 

 

- SSDLC 

- SAST and/or DAST

- Excerpts:

a)

Provide excerpts from your privacy statement containing the language that alerts users or participants about your data access, collection, use,

maintenance, and sharing practices as described in your responses to Questions 1 - 13.


b) 

Provide an excerpt from your privacy statement containing the language that alerts users or participants of their data subject access rights.

 

My questions are:

1. The SSDLC: what schema should we follow? I am following the waterfall one, but I am not sure if this is the valid one for zoom. 

2. SAST and/or DAST: I am using CodeQL (from github) to examine the code. Is this a valid tool, or my request will be rejected If I use this one? Which tools are valid for the request of submission to be accepted? 

3. Excerpts: Could you be more specific? What kind of information do you want here to be? Any template you have so this is an easy field to fill? 

 

Thank in advanced! 

1 REPLY 1

jimy_sancho
Newcomer
Newcomer

I forgot to also ask the following: 

 

- The SAST / DAST scan: what file should I upload as evidence? I've seen that the usual extension is a .sarif one, but I am not sure if this is the file you would want. 

- The SSDLC: a pdf would be okay right? 

 

Thanks again!