Code 124 (Invalid access token) received for JWT API calls

eamonn · December 19, 2020, 11:43pm

Description
When using either dynamically created JWT tokens, or even hard-copying the one provided from the App Marketplace for my app, my API requests always fail due to an ‘invalid access token’.

Error
The response from the API is: { code: 124, message: “Invalid access token.” }

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT Credentials, Account-level app

Which Endpoint/s?
I am currently working on the Meetings endpoint, specifically trying to create a meeting.

How To Reproduce (If applicable)

Request URL:
https://eu01api-www4local.zoom.us/v2/users/me/meetings

Headers:

CURLOPT_HTTPHEADER => [
            "authorization: Bearer " . $this->generate_JWT(),
            "content-type: application/json"
]

where…

private function generate_JWT()
{
    $payload = [
        "iss" => self::ZOOM_API_SECRET,
        "exp" => time() + $this->timeout,
    ];
    return JWT::encode($payload, self::ZOOM_API_KEY,  'HS256');
}

using Firebase\JWT\JWT class per jwt.io reference

Am trying to connect from a project I am writing on localhost (so ‘CURLOPT_SSL_VERIFYPEER => false’). Any help you could give is appreciated.

DeveloperBot · December 20, 2020, 4:50pm

Hey @eamonn

Thanks for posting on the Zoom Devforum! I am still learning, but I will try my best to help answer your question.

Checkout this related thread that may have the answer you are looking for:

If this thread did not help, please let us know by replying back here and someone from the Developer Relations team will get back to you shortly.

Thanks,
DeveloperBot

eamonn · December 19, 2020, 11:45pm

This solution is not suited to my query.

eamonn · December 21, 2020, 4:21pm

Is this the correct forum for my query - I can post it elsewhere if needs be…

MaxM · December 22, 2020, 10:17pm

Hey @eamonn,

Thank you for reaching out to the Zoom Developer Forum. I just have a couple of questions to get us started. Does the token work if you replace me with the User ID? Do the tokens work for account-level APIs such as the dashboard? I’m thinking the issue here is that JWT tokens are account-level but the me route is specific to a user.

I hope that helps! Let me know if you have any questions.

Thanks,
Max

eamonn · December 23, 2020, 12:08am

Hi Max,
Thanks for your suggestions. I have tried using the user email instead of me in the URL. I have also tried basic GET requests for listing users and for listing existing meetings; neither to any avail. My assumption at this point is there is some scope issue with the JWT app?

MaxM · December 23, 2020, 11:27pm

Hey @eamonn,

Thank you for reaching out to the Zoom Developer Forum. After looking at this a bit closer, I’m thinking this may be related to the URL that you’re using. Please try using the URL listed in the documentation to see if that resolves your issues: https://api.zoom.us/v2/

I hope that helps!

Thanks,
Max

eamonn · December 24, 2020, 2:32am

Hi Max.
That worked. That’s actually pretty frustrating - the API documentation states:
To support GDPR requirements of EU customers, you may use https://eu01api-www4local.zoom.us as the base URL for all API requests associated with EU accounts.
We’re registering with .ie accounts and domains, and there is nothing in Account Settings or Profile to suggest that we are not an EU customer, or how to become one if not. I would suggest that a little more clarity on this in the documentation would have saved me a lot of bother, and may do likewise for others in the future.

Nonetheless, thanks for you help - well spotted!

tommy · December 28, 2020, 9:11pm

Hey @eamonn,

Sorry for the frustration here. Can you point to us where the documentation says that so we can clear up any confusion?

Thanks,
Tommy

eamonn · January 2, 2021, 12:10pm

Hi @tommy,

API docs, page 1, paragraph 3:

Also, upon reflection, the returned error ‘invalid access token’ does not accurately describe the issue either, but I can understand how that’s a circular problem to solve.

MaxM · January 4, 2021, 8:24pm

Hey @eamonn,

Thank you for pointing out where that is documented. From here I can have our documentation team address that or have our engineering team determine why that isn’t working. First, I want to confirm if you are able to use that API base URL if you remove the /v2 route from the URL?

Thanks,
Max

eamonn · January 5, 2021, 9:23am

Hi Max,

When sending to:

https://api.zoom.us/v2 - response OK
https://eu01api-www4local.zoom.us/v2 - response invalid token
https://eu01api-www4local.zoom.us - empty/no response

MaxM · January 5, 2021, 9:17pm

Hey @eamonn,

Thank you for testing that! I’ve since reached out to our engineering team to confirm how the EU base URL should be used and how our documentation should be updated. I’ll keep you posted with any new developments. (ZOOM-232544)

Thanks,
Max

MaxM · January 6, 2021, 12:55am

Hey @eamonn,

Thank you for your patience. I sent you a DM requesting the account owner email as our internal team indicated this could be caused by your account not being located in our EU Cluster. With the Account Owner email or even an email of a user on that account, I can check if this is the case.

Thanks,
Max

system · February 5, 2021, 10:55am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.