Define oAuth Server-to-Server Bearer Token Expiration Time

Description
Looking to know if the expiration time of the oAuth Server-to-Server app bearer token can be changed from 1 hour to shorter period when making the call to generate a token?

I have read through a lot of articles and docs on Zoom website, but can’t find anything that denotes how to define this value. Also most articles are based around either trying to make the correct call to the correct end-point OR with the correct parameters.

I can generate a token successfully and can make the needed API calls without any incident, but don’t require a 60 min window for token to be valid.

Use case:
Generating secure bearer token with short lifecycle. Each time a call to be made to Zoom endpoint, should be new and unique secure token. This also avoids having to capture a secure token…

Thank you
Tiaan Schulz

Hi @tiaan.schulz
Thanks for reaching out to the Zoom Developer Forum, I am happy to help here!
Unfortunately, for now, there is no way to customize the expiration time of a Server-to-Server OAuth token, it is set to 60 min.

Note that every time you generate a new access token, the previous one gets invalidated; so you can generate tokens every time you need them and you don’t have to worry about the previous one because it’s going to get invalidated.

Hope this helps,
Elisa

Thx Elisa. Good to know and this will work perfectly for what we want to achieve!

1 Like

Hi @elisa.zoom

I’m sorry, but when I generate three 1 hour access tokens in a row, I can still use all three.

According to my tests, Zoom does not invalidate previously generated tokens.

Hi @clstrife
This is the expected behavior.
When we first launched the Server to Server Oauth app, the generation of a new token, invalidated the previous one but we changed this a couple of months ago so now a new token wont invalidate the previously generated one.
hope this helps,
Elisa

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.