Can't login with user token acquired after OAuth with email / password using ZoomSDKAuthService loginSSO method

Meeting SDK macOS
1

Description

In our application we support authentication of Zoom user over OAuth. If the user chooses to login with email / password (instead of SSO, Google auth, etc…) on zoom.us during OAuth flow we cannot authenticate the user using the acquired user token with ZoomSDKAuthService - (ZoomSDKError)loginSSO:(NSString*)ssoToken API.

Using the user token we get from /users/{userId}/token endpoint

- (void)onZoomSDKLogin:(ZoomSDKLoginStatus)loginStatus failReason:(NSString*)reason delegate gets called with loginStatus ZoomSDKLoginStatus_Failed and reason nil.

Which version?

v4.6.21666.0427

To Reproduce(If applicable)

  1. During user SSO authentication we request OAuth access token as described here:
  1. Then with the access token we request a user token using usertoken endpoint

  1. We pass the user token to - (ZoomSDKError)loginSSO:(NSString*)ssoToken.

  2. - (void)onZoomSDKLogin:(ZoomSDKLoginStatus)loginStatus failReason:(NSString*)reason; delegate gets called with loginStatus ZoomSDKLoginStatus_Failed and reason nil.

Additional context

The above described flow works if the user chooses to sign in with SSO on zoom.us during OAuth flow.

In case this flow is not supported how could we identify which login method the user picked on zoom.us?

2

Hi @peter.kutasi,

Thanks for the post. The OAuth instruction you are mentioning is for the Zoom API, not for Zoom SDK. The loginSSO interface is expecting a sso token for zoom that is returned from the IdP that has integration with Zoom: https://support.zoom.us/hc/en-us/sections/200305453-Single-Sign-On.

The token is like the following:

Screen Shot 2020-05-21 at 10.34.04 PM
Screen Shot 2020-05-21 at 10.34.04 PM2118×48 11.4 KB

Hope this helps. Thanks!

3

Hi @carson.zoom

Thanks for the reply! You are right. We misused the SSO login API, mixed the OAuth and SSO login. The strange thing was that the login was successful with the token we got from the usertoken endpoint after an OAuth authentication, but I see now that this is not the intended usage. At the end we switched to use ZAK token to start meeting in case the user was authenticated with OAuth.

Thanks again!
Peter

4

Hey @peter.kutasi,

Thanks for the update and glad to hear that it is working for you now. We will also look into the case you are mentioning. Happy Zooming!