Downloading cloud recordings forbidden

I’m having issues when trying to download cloud recordings. Sometimes the download works okay, and sometimes I get errorCode 401 or 300 saying the download is forbidden.

I’m using the download_token from the recording.completed webhook payload and I’m passing it in the HTTP headers as described in the documentation. (I’ve also tried passing it in via the URL `?access_token=)

I’m using curl and PHP. I’ve also tried just using curl on the command line and I get the same results - some URLs download okay, others fail.

I have one specific example that fails every time, here is the data returned from Zoom:

Thanks in advance,

Hi @rmrkevin , what kind of app are you making requests with? I am going to private message you for additional details as well.

Hello @gianni.zoom , I just wanted to follow up and see if you received my email with the details you asked for? Thanks.

Just followed up with you @rmrkevin ! Sorry, I did not see your notifications.

Hi @gianni.zoom, I still need your help with this please. Can you keep this ticket open and put it back in your queue?

A little more info …
The cloud recordings download just fine with JWT tokens, but as you know JWT is being turned off next month. If you change the JWT token to a S2S OAuth token then you get the 401 Forbidden error.


Hi @rmrkevin ,

Ahh I see. Can you please confirm the following so we can rule everything out?

401 error when downloading recording with Server-to-Server OAuth token - #17 by gianni.zoom

Hi @gianni.zoom , thanks for picking up this thread again. I looked in my scope settings and it is checked but greyed-out. I’m attaching a screen shot.

Some additional info, I’m now getting a “300 Forbidden” error.


Thanks @rmrkevin , I need to do some testing on my end and sync internally with teammates. I’ll try to get back to you ASAP.

Hi @rmrkevin ,

I can reproduce. I just submitted a bug ticket as high priority (ZSEE-91225). I’ll share progress as it becomes available. Thanks!

Hi @gianni.zoom ,thanks so much! :+1:t2:

Hi @gianni.zoom … it’s been 3 months with no updates on this issue. Our JWT app will cease working at the end of this month and we will completely lose our entire back office Zoom integration. Please post updates/fixes asap so we can meet the Sept 1st deadline. Thanks!

Greetings from México @rmrkevin!

I’m going thru a similar issue (migrating from JWT to s2s) but in my case when I use the recordings endpoint the response does not include the download_url parameter (so i can’t download my recordings like I did when using the jwt app). Hope my comment helps draw more attention to your post and also help others in the same situation. :+1:

Hi Kevin,
Hope so you’re doing well, please double-check that you’re correctly passing the download_token in the HTTP headers or as a URL parameter, as specified in the documentation. Ensure that the token is not expired and has the necessary permissions to access the recording.

Additionally, verify that there are no typos or formatting errors in your request. Make sure your cURL command or PHP code is correctly handling the token and constructing the download URL.

Hope so you’ll get some out of it!

Bryce June

Hi @rmrkevin ,

Apologies! I thought I had responded months ago!

After discussing with the developers, we do not currently support OAuth tokens with the download_url from the recording webhook although I’ve submitted a feature request for this May 9th (ZSEE-92020).

If you want to download the recording after 24 hours you have to do so via API such as via GET meeting recordings API and use the download URL to download the recording with JWT or Oauth token. It works fine with the meeting API.

Hi @gianni.zoom ,
Thanks for the update, but that is super disappointing to hear that the mandated OAuth model will not provide the same functionality as the soon to be obsolete JWT version.
How would I get updates regarding the status of the feature request ZSEE-92020?

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Hi @rmrkevin ,

Thanks for your feedback! This feature request is on backlog and not actively trackable to the public, but we will release info in our developer announcements.