Can't get node example working on OAuth

I setup a test OAuth endpoint. I can get a response in powershell using:

Invoke-WebRequest -Method POST -Uri https://zoom.us/oauth/token -ContentType ‘application/x-www-form-urlencoded’ -Body @{ grant_type=‘account_credentials’; account_id=‘vExNbhTISm6eoGh0BK6Wqg’ } -Headers @{ Host=‘zoom.us’; Authorization=‘Basic VDJ5eWVfRDZRZU9kRXcyMlVrXzdLdzpxR2dIN1B0SWFnY2JVdzRFRTVhQTB2T09vMEFwSTU4Uw=’ }

I am not able to get it working within a javascript project. I made a test file and keep getting 400 errors. I found the examples in the forum.

const qs = require(‘qs’);
const axios = require(‘axios’)
describe(‘create’, () => {
test(‘returns new meeting’, async () => {
const auth = async () => {
let data = {
client_id: ‘vExNbhTISm6eoGh0BK6Wqg’,
client_secret: ‘qGgH7PtIagcbUw4EE5aA0vOOo0ApI58S’
}

  const body = JSON.stringify({
    grant_type: 'client_credentials',
    account_id: 'vExNbhTISm6eoGh0BK6Wqg'
  });

  // const body = qs.stringify({
  //   grant_type: 'client_credentials',
  //   account_id: 'vExNbhTISm6eoGh0BK6Wqg'
  // });
  //
  const config = {
    method: 'post',
    url: 'https://zoom.us/oauth/token',
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
      "Authorization": "Basic "+ new Buffer(data.client_id+":"+data.client_secret).toString('base64')
    },
    data: body
  };

  const result = await axios(config)
      .then(function (res: any) {
        console.log('res', res);
        return res;
      })
      .catch(function (er: any) {
        console.error('er', er);
        throw er;
      });
  console.log('result', result);
}
const authResult = await auth();
console.log('authResult', authResult)

})

})

If this is a Server-to-Server OAuth application and not an OAuth application, you need to use grant_type = account_credentials, not client_credentials. Your JavaScript snippet and PowerShell snippet are using different values for this parameter.

Since your Content-Type is application/x-www-form-urlencoded, you need to be passing a query string and not JSON as the request body.

Be sure to regenerate your application secrets, since they have been disclosed in your snippets.

1 Like