Client_id and Client_secret not valid

When I started the procedure for publishing the app I noticed I needed a data compliance page and procedure so I made those additions.

Now, Zoom does not recognize my client_id and client_secret.

I have tried using both the production and development id’s and secrets and that did not work
I regenerated the publishable url and that did not work
I regenerated the secret codes for both production and development and that did not work

This process was working until I tried to publish the app. After that, nothing works.

Any thoughts?

Hey @bizstim.apps,

What is the name of your app? I will look into this.


The name is: Bizstim Software Solutions

I tried again today with both the client_id and client_secret for production and developments and it returns the following error:

Invalid client_id or client_secret, error: invalid_client

I thought is may be an issue related to my config and the storing of sessions but it still failed even after refreshing the session with both client_id and client_secret.

If you need to follow up via e-mail please do so at

Thanks for your help.

Hey @bizstim.apps,

Can you also provide steps to reproduce the issue? What endpoint are you trying to call?


Went to your developer page for authorizing with zoom:

add client_id and client_secret and choose “me” as the {userId}

Get the following error from Zoom:

Invalid redirect: (4,700)

When I use my code I get invalid client_id and client_secret from the Zoom API.

What more can I tell you?

Hey @bizstim.apps,

Please add as the redirect URL and whitelist URL and the Test Request feature on our docs will work.

For calling the endpoint in your code, make sure you are following the OAuth flow.


What flow do you think I am following???

Of course I am using the OAuth flow. I certainly wouldn’t make one up. The flow was working until I tried to publish the app, then I got a client_id and client_secret invalid message.

Honestly, if you do not intend to help me solve this, just say so and I will go away.

Hey @bizstim.apps,

Please bear with us while we support you! :slight_smile:

This error is thrown when using a Chatbot token via the client_credentials flow to call the Zoom APIs that require an OAuth access_token.

Also double check your dev and prod keys have not been mixed up.


I am not using the chatbot token!!! I did not even look at the chatbot API process.

I ONLY use the OAuth Flow!!!

I am telling you, this process worked when I developed it 3 weeks ago, and then I went back to check the entire process after starting the submission process to the APP Marketplace and the process no longer works.

This is the process I am using on a high level:

  1. Go to
  2. The user logs into their account and authorizes with ZOOM
  3. They are redirected by ZOOM with an access code to my auth page
  4. That code is used to make a cURL call to this endpoint: (zoom_request_token)
  5. Here is part of the code for making the cURL call:

$post_data = [
‘grant_type’ => ‘authorization_code’,
‘code’ => $code,
‘redirect_uri’ => $zoom_redirect_uri

    $return = $this->_cURL_post($zoom_request_token, $post_data, $base64_authorization);


**Invalid client_id or client_secret, error: invalid_client**

If I did get a successful response the following happens:

  1. Save the access token and refresh token
  2. I link the user’s Bizstim account with the return Zoom email address and their personal meeting id and other return data is saved


ZOOM returns an invalid client_id and client_secret message.

I am using my development client_id and secret_id. On a side note, I also tried the production keys but that fails with the same message.

You say I am using a chatbot process but I NEVER looked at the chatbot auth flow and I have followed the documentation with the ZOOM API OAuth Flow Process.

Where can I possibly go from here?

Hey @bizstim.apps,

Can you make sure you are sending the authorization header with the base 64 encoded key and secret properly?

"Authorization": "Basic base64encoded(key:secret)"

The issue must be in that part of the process. Feel free to send me your $base64_authorization value in a private message so I can debug.

Thanks for your patience,