I’m attempting to download a recording using my Server-to-Server OAuth app’s access token but I’m getting a 401 HTTP error code. I can successfully download the URL using the token from my JWT app. This appears to be a variation of the bug that was discussed in this thread:
To get my OAuth token, I make a request like this:
I can also download using the “download_token” provided in the webhook request. However, this only lasts 24 hours. If I want to download the recording later, I need to use the OAuth token method.
Any ideas on whether this is a bug or something I’m missing in the way I make my requests?
Hi @david5 , is your server-to-server OAuth app’s access token still valid? They expire after an hour.
@elisa.zoom@ojus.zoom can you confirm server-to-server OAuth access tokens can be used in the access token parameter for cloud recording webhook dowload?
Hi @david5
I am trying to debug this issue but I am getting a different behavior.
Could you please confirm the steps that you are taking to make this request, along with the endpoints you are calling so I can try and replicate this on my end?
I also wanted to add that the access_token generated with the Server-to-Server OAuth app, it is only valid for 1 hour so you will have to generate a new one once it expires.
I then take the download_url from the recording.complete webhook message I receive and add the access_token query parameter with the value genrated from the step above:
When I attempt to run this download, I get an HTTP 401 response. When I use my JWT access token (which I’m trying to retire, per the deprecation guide from Zoom) I get a 301 redirect to a URL that contains the MP4 file.
@elisa.zoom Any progress on this? I’m beginning to wonder if Server-to-Server OAuth isn’t quite ready for prime time and we should go back to using JWT until the kinks are worked out over the next few months.
Hi @david5
Thank you for your patience and for sharing more details with me.
I have been trying to replicate this issue on my end and I was able to do so.
I will reach out to our Engineering team about this and I will come back to you with an update.
I do not know if this is expected or if this is a bug on our end. (ZSEE-62252 internal ticket for reference)
Hi @david5
I did some testing on my end and what I did was that I grabbed the download_url from the payload that I received with me recording.complete webhook and then I used the download_url along with the download_token received in the same payload to get the recording, like so:
curl --location --request GET 'https://us02web.zoom.us/rec/webhook_download/{long_String}?access_token={download_token_from_payload}' \
Could you please give this a try and let me know if this works?
@elisa.zoom Using the download_token from the webhook message works fine (always has). The problem is that the token is only good for 1 hour after the message is received. If I need to reprocess the message or download the recording at a later date, I am unable to do so because my Server-to-Server OAuth token is not accepted in this scenario.
Hi,
I am having the same issue with trying to download a recording using a server-to-server OAuth access token and I am getting a 401 error, whereas if I use my old JWT token it works fine. I’m wondering if there is any progress on this issue?