Error: Invalid api key or secret

Ansh · August 22, 2020, 4:48am

Description
I am using rauth's OAuth2Service to handle OAuth2 authentication with Python3, and I keep getting an error about an invalid api key or secret. I have attached the code below for your reference:

class ZoomClient():
    def __init__(self,CLIENT_ID,CLIENT_SECRET, REDIRECT_URL):
        super().__init__()
        self.REDIRECT_URL = REDIRECT_URL
        
        self.zoom_auth = OAuth2Service(
            client_id = CLIENT_ID,
            client_secret = CLIENT_SECRET,
            name = 'zoom',
            authorize_url = 'https://zoom.us/oauth/authorize',
            access_token_url = 'https://zoom.us/oauth/token',
            base_url = 'https://zoom.us'
        )

        self.access_token = self.get_access_token()        
        print('Access token sucessfully acquired.')

        self.make_request()


    def make_request(self):
        request_uri = 'https://api.zoom.us/v2/users/me'
        headers = {
            'Authorization' : 'Bearer {}'.format(self.access_token)
        }
        response = requests.get(request_uri, headers = headers)
        print(response.json())

    def get_decoder(self, payload):
        return json.loads(payload.decode('utf-8'))
    
    def get_access_token(self):
        session = self.zoom_auth.get_auth_session(data = {'code': 'foo', 'grant_type' : 'client_credentials', 'redirect_uri' : self.REDIRECT_URL}, decoder=self.get_decoder)
        return session.access_token

I have already tried replace grant_type to code, but I receive a different error from rauth shown below:

Decoder failed to handle access_token with data as returned by provider. A different decoder may be needed. Provider returned: b\'{"reason":"Internal Error","error":"invalid_request"}

Error

{'code': 200, 'message': 'Invalid api key or secret.'}

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth2

Which Endpoint/s?
https://zoom.us/oauth/
https://zoom.us/oauth/authorize
https://api.zoom.us/v2/users/me

How To Reproduce (If applicable)
Steps to reproduce the behavior:

Run Client class with Client ID and Secret
See error

DeveloperBot · August 22, 2020, 4:49am

Hey @Ansh

Thanks for posting on the Zoom Devforum! I am still learning, but I will try my best to help answer your question.

Checkout this related thread that may have the answer you are looking for:

If this thread did not help, please let us know by replying back here and someone from the Developer Relations team will get back to you shortly.

Thanks,
DeveloperBot

Ansh · August 22, 2020, 4:59am

Sorry, this didn’t help

tommy · August 25, 2020, 5:39pm

Hey @Ansh,

Please see my post here:

Thanks,
Tommy

Ansh · August 25, 2020, 6:14pm

Hi @tommy,

I think I tried this, and I received another error. I have attached the full error below:

    z = ZoomClient('****', '****', 'https://google.com')
  File "/Users/***/Desktop/Zoom-Attendance/src/models.py", line 20, in __init__
    self.access_token = self.get_access_token()        
  File "/Users/***/Desktop/Zoom-Attendance/src/models.py", line 38, in get_access_token
    session = self.zoom_auth.get_auth_session(data = {'code': 'foo', 'grant_type' : 'authorization_code', 'redirect_uri' : self.REDIRECT_URL}, decoder=self.get_decoder)
  File "/opt/anaconda3/lib/python3.7/site-packages/rauth/service.py", line 556, in get_auth_session
    session = self.get_session(self.get_access_token(method, **kwargs))
  File "/opt/anaconda3/lib/python3.7/site-packages/rauth/service.py", line 542, in get_access_token
    access_token, = process_token_request(r, decoder, key)
  File "/opt/anaconda3/lib/python3.7/site-packages/rauth/service.py", line 24, in process_token_request
    raise KeyError(PROCESS_TOKEN_ERROR.format(key=bad_key, raw=r.content))
KeyError: 'Decoder failed to handle access_token with data as returned by provider. A different decoder may be needed. Provider returned: b\'{"reason":"Invalid authorization code foo","error":"invalid_request"}\''

The change I made was to switch grant_type to "authorization_code". I censored certain directories / client secrets using *** as they have revealing names/info.

tommy · August 27, 2020, 9:48pm

Hey @Ansh,

Make sure you are only using the auth code in the redirect url once.

It is only valid once, then you will need to refresh the access token using the refresh flow.

Thanks,
Tommy

system · September 27, 2020, 7:48am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Invalid API or Secret API and Webhooks	2	584	August 21, 2020
Getting "Invalid client_id or client_secret" error while requesting oauth token API and Webhooks	10	6452	November 12, 2020
New App-can't retrieve OAuth2 Access Token --> invalid authorization code, invalid grant API and Webhooks	1	1035	April 22, 2022
"Invalid client_id or client_secret" Urgent help required. (I just need to get the API TOKEN) API and Webhooks	2	466	July 2, 2021
Invalid access token api API and Webhooks	4	454	June 29, 2021

Error: Invalid api key or secret

Related Topics