Error "This API does not support client credentials for authorization." when trying to call an endpoint with Server-to-Server OAuth App credentials


API Endpoint(s) and/or Zoom API Event(s)
(https://api.zoom.us/v2/users/:userId/meetings?type=live&page_size=30&page_number=1)

Description
I am working on updating our authentication from JWT to OAuth. I followed the instructions to create a Server-to-Server OAuth app, noting the account ID, client key, and client secret. Now I am attempting to do some test calls in Postman, to the meetings API.

I can successfully pull a Bearer Token, but when I then use it to make the call, the endpoint returns:

"code": 124,
"message": "This API does not support client credentials for authorization."

Error?
ā€œcodeā€: 124,
ā€œmessageā€: ā€œThis API does not support client credentials for authorization.ā€

How To Reproduce
1.) Create Server-to-Server OAuth application.
2.) Note account ID, client key, and client secret
3.) Set up Postman for OAuth 2.0 authentication, and get new access token
4.) Use that token for a call to the endpoint.
5.) Error is returned.

1 Like

Hi @rich1 ,

please make sure that the grant type is ā€œaccount_credentialsā€ and not ā€œclient_credentialsā€ .
That should fix the issue.

Thanks

2 Likes

In Postman, how should I enter this in their OAuth authentication flow? Iā€™ve been trying to do a custom call to /oauth/token, but I canā€™t get it to work. I get a 405 error.

To be more specific, I had a GET call to /oauth/token, with account_credentials for grant type and account ID specified, plus a Base64 representation of client key and secret (both as an Authorization header and body). Iā€™m unable to get that to work.

Iā€™m trying to prototype and validate in Postman before I start moving this into my production codebase. I appreciate your help and support.

To be clear, what happens when I do this is a 405 Error is returned.

I resolved this. I was calling a GET instead of a POST.

Hi I also got the same error . I have a member account . I used the client credentials that admin gave. after taking the token I cant get MeetingDetails. what is the reason. Here is my code,

import requests as rq
import base64
import json

cID=ā€˜ā€¦ā€™
cSec=ā€˜ā€¦ā€™
userID=ā€œā€¦ā€

#credential_ID:credential_Secret
credentials= f"{cID}:{cSec}"
#encode for base =64
bStream= credentials.encode(ā€œasciiā€) #bit stream
encode64= base64.b64encode(bStream)
sEncode= encode64.decode(ā€œasciiā€)

auth_url=ā€œhttps://zoom.us/oauth/token?grant_type=client_credentialsā€
header={ā€œAuthorizationā€: f"Basic {sEncode}"}

res = rq.post(auth_url,headers=header)

token= res.json()[ā€œaccess_tokenā€]
print(token)
header2 = {ā€œauthorizationā€: f"bearer {token}"}
#print(header2)
res2 = rq.get(ā€œhttps://api.zoom.us/v2/users/cIDā€, headers=header2)

print(res2.json())

I got this : {ā€˜codeā€™: 124, ā€˜messageā€™: ā€˜This API does not support client credentials for authorization.ā€™}

hello,
Iā€™ve the same problem with this endpoint :
ā€œhttps://api.zoom.us/v2/meetings/ā€œ.$meeting_id.ā€/recordingsā€

my error : "resulted in a 401 Unauthorized response: {ā€œcodeā€:124,ā€œmessageā€:ā€œThis API does not support client credentials for authorization.ā€} "

I canā€™t download my meeting recordings.

I have a JWT app that has been doing this for 2 years but it will be deprecated in June 2023.

I tried to create an OAuth app but I canā€™t whitelist a domain because students need to be able to enter the Zoom meeting as soon as the host starts the room and the students donā€™t all have the same domain.

can you help me find a solution?

Thanks

Selim

@lamaisondessavoirs if you are using user authorized OAuth, please use the method mentioned here [OAuth for user authorized apps]

Use " grant_type as ā€œauthorization_codeā€ instead of client_creentials

if we change this then invalid request error while generating access token.

@devang.wappnet can you make sure that you are making a POST request and not a GET request?

yeah , I made this mistake,thanks~

Hi @ojus.zoom,

I intend to purchase a Pro Plan subscription for my Zoom account to manage and create Zoom meetings for my company.

I have a query regarding the creation of licensed users for my Zoom Pro account. After the purchase of the Pro plan, is it necessary to make additional payments for creating licensed users, or can I create licensed users for free within the Pro plan?

Upon attempting to add a new licensed user, I received the following error message:

{
ā€œcodeā€: 3412,
ā€œmessageā€: ā€œYour request to add a new Licensed user could not be approved at this time because your account has reached the permitted maximum number of 1 paying users. Please purchase additional licenses or contact the Zoom support team to provision additional users in your account.ā€
}

Could you please provide clarification on whether additional payments are required for creating licensed users within the Pro plan?

Thank you.

@devang.wappnet You can create upto 9999 basic users (free plan users) in your account with a Pro Account, however if you want to create a licensed users (for ex: create meetings that dont have a 40 minute limit), then you need to pay for the license of the user.

Writing in Python. I have the same error. Im using POSt and also using client_credentials

def get_access_token():
    token_url = 'https://zoom.us/oauth/token'
    auth_header = {
        'Authorization': f'Basic {base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()}',
        'Content-Type': 'application/x-www-form-urlencoded'
    }
    token_data = {
        'grant_type': 'client_credentials'
    }
    response = requests.post(token_url, headers=auth_header, data=token_data)
    if response.status_code == 200:
        return response.json()['access_token']
    else:
        raise Exception(f"Could not get an access token. Status Code: {response.status_code}")

# Use the access token to create headers for Zoom API
access_token = get_access_token()
headers = {
    'authorization': f'Bearer {access_token}',
    'content-type': 'application/json'
}

@mikedlv if your error is the same one, then you need to buy additional licenses or create basic users.

Thanks, Ojus. I managed to fix it. Hereā€™s the updated Python code or anyone wanting to use Python to get the Bearer auth token.

def fetch_bearer_token():
    credentials = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    token_url = f"https://zoom.us/oauth/token?grant_type=account_credentials&account_id={ACCOUNT_ID}"
    headers = {
        'Authorization': f'Basic {credentials}',
        'Content-Type': 'application/x-www-form-urlencoded',
    }
    response = requests.post(token_url, headers=headers)
    if response.status_code == 200:
        return response.json()['access_token']
    else:
        raise Exception(f"Error fetching bearer token: {response.text}")

Enjoy!

1 Like

I am experiencing this same issue when using a Server-to-Server authentication token.

C# class that first does a POST to the https://zoom.us/oauth/token url using form url encoded values for grant_type and account_id (per the developer docs) with Base64 endoded clientId:clientSecret. This returns the access_token (Bearer) successfully.

However, when I make a subsequent request using the standard .net6 http client with an Authorization header set to ā€œBearer ${access_token}ā€ the subsequent GET requests (such as https://api.zoom.us/v2/users?page_size=100&page_number=1) fail with the ā€œAPI does not support client credentials for authorizationā€ error.

What is strange to me is that I can make the IDENTICAL requests in a REST client (aka Postman, but we use Insomnia) to get the access token and then use that token in other requests and the requests succeed.

Iā€™m really confused and any assistance would be greatly appreciated.

Ok, so I figured this outā€¦programmer error.