Error when accessing the api - 124 Invalid access token

zoom03 · April 23, 2023, 9:51am

I found several articles on the forum with a similar problem, but none of them gave me an understanding of how to solve the problem.

In the App Marketplace I created a Server-to-Server application and took from there: account_id, client_id, client_secret.
With these data I get access_token = OK.
But when I try to access the API (I tried different edpoints) I keep getting this error:
{“code”:124, “message”: “Invalid access token.”}

I’ve tried to encode access_token in base64 - it doesn’t help and as far as I understand it’s not necessary, access_token must be passed the way it’s received.

Then I don’t understand why access_token is not valid.

Here is the code of the program in python:

    account_id = r'XXX'
    zoom_authorization_url = f'https://zoom.us/oauth/token?grant_type=account_credentials&account_id={account_id}'
    client_id = r'XXX'
    client_secret = r'XXX'
    authorization = f'Basic {base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()}'
    print(authorization)
    headers = {'Authorization': authorization}
    response = requests.post(zoom_authorization_url, headers=headers)
    print(response.text)
    zoom_api_url = r'https://api.zoom.us/v2'
    zoom_api_endpoint_client_url = f"{zoom_api_url}/accounts"
    print(zoom_api_endpoint_client_url)
    print(response.json()["access_token"])
    headers = {'Authorization': f'Bearer {response.json()["access_token"]}'}
    params = {"page_size": 100}
    response = requests.get(zoom_api_endpoint_client_url, headers=headers, params=params)
    print(response.text)
    print(response.status_code)

Here is the code of the program in output:

{"access_token":"XXXXX6IjAwMDAwMSIsImFsZyI6IkhTNTEyIiwidiI6IjIuMCIsImtpZCI6IjlhNTJhZWMyLWUxYWUtNDE0My05OTMyLWYyYWU0OWJkNWQ2ZCJ9.eyJhdWQiOiJodHRwczovL29hdXRoLnpvb20udXMiLCJ1aWQiOiJJUzVGZ3M0WFRFYS1ka25LRnpOUVd3IiwidmVyIjo5LCJhdWlkIjoiYzkyMDU3ZjJiNTYxZmZiYzJiM2U5MDAzYTExOGY1OTgiLCJuYmYiOjE2ODIyNDMwODgsImNvZGUiOiJLcEZPMjhJT1NFeVFJRWltMEZQTjlBTTZIWmVuWVhPdUQiLCJpc3MiOiJ6bTpjaWQ6bGs0a3h6NERTemVTM2hxRjF1TU1EQSIsImdubyI6MCwiZXhwIjoxNjgyMjQ2Njg4LCJ0eXBlIjozLCJpYXQiOjE2ODIyNDMwODgsImFpZCI6ImRiTUlHZmYwUlk2MkxqbTBZUlBweWcifQ.UqEv633sUzx-VUtCVxu7w7kwxArvayqO-O2BxNawYl_vTxoiLU6QjY1b_SsM2OpZeTTxg8-EdVMBtM_cmmFe2Q","token_type":"bearer","expires_in":3599,"scope":"user:write:admin meeting_token:read:admin:local_recording information_barriers:write:admin dashboard_home:read:admin imgroup:write:admin report:read:admin dashboard_crc:read:admin workspace:write:admin account:master device:read:admin imchat:read:admin tracking_fields:master tracking_fields:write:admin webinar:write:admin room:master tsp:master app:deeplink:write:admin dashboard:master meeting:read:admin group:master iq_account:read:admin phone_call_log:read:admin phone_recording:write:admin account:read:admin group:read:admin imchat:bot chat_channel:write:admin h323:master webinar_token:read:admin:local_recording iq_comment:write:admin meeting:master contact_group:read:admin phone:read:admin zoom_events_registrants:read:admin imchat:write:admin zoom_events_ticket_types:read:admin phone_call_control:write:admin iq_comment:read:admin information_barriers:read:master chat_message:read:admin marketplace_entitlement:read:admin webinar:master zoom_events_basic:read:admin zoom_events_sessions:read:admin meeting_token:read:admin:live_streaming pac:write:admin room:write:admin recording:master phone_sms:write:admin phone_voicemail:write:admin role:read:admin iq_analytics_metrics:read:admin zoom_events_ticket_types:write:admin zoom_events_hubs:read:admin sip_trunk:master phone:master user:read:admin meeting:read:admin:sip_dialing recording:write:admin sip_phone:read:admin zoom_events_tickets:write:admin webinar:read:admin app:deeplink:read:admin imgroup:master phone:write:admin user:master information_barriers:read:admin pac:master marketplace_app:read:admin marketplace_app:write:admin zoom_events_basic:write:admin recording:read:admin dashboard_zr:read:admin contact:read:admin phone_sms:read:admin group:write:admin billing:master sip_phone:master account:write:admin webinar_token:read:admin:local_archiving sip_trunk:write:admin device:write:admin zoom_events_sessions:write:admin phone_call_control:read:admin chat_channel:read:admin scim2 information_barriers:write:master iq_conversation:write:admin report_chat:read:admin zoom_events_tickets:read:admin tracking_fields:read:admin h323:read:admin h323:write:admin dashboard_webinars:read:admin workspace:read:admin dashboard_meetings:read:admin sip_trunk:read:admin tsp:write:admin phone_call_log:write:admin meeting:write:admin dashboard_im:read:admin chat_message:write:admin phone_voicemail:read:admin report:master sip_phone:write:admin tsp:read:admin phone_e911:read:admin contact_group:write:admin meeting_token:read:admin:local_archiving marketplace_app:master imgroup:read:admin webinar_token:read:admin:live_streaming pac:read:admin phone_recording:read:admin role:write:admin iq_coaching:read:admin role:master room:read:admin"}
https://api.zoom.us/v2/accounts
{"code":124,"message":"Invalid access token."}
401

zoom-admin · April 24, 2023, 3:56pm

Hi,

I experience exactly the same issue. I assume GS-03-BIZ, as I do, has to update a JWT based app subsequently to the reception of the deprecation notice…

During my own tests, after I got the access_token, I had at first a scope error (“Invalid access token, does not contain scopes: …”) which disappeared after I updated scope in Apps management console. The current error now is:
<Response [401]>
{
“code”: 124,
“message”: “Invalid access token.”
}

which seems to match this current topic.

The app is Account-level, Server-To-Server OAuth.

zoom-admin · April 24, 2023, 4:18pm

Tried to deactivate / reactivate the app on the marketplace; same error message

zoom03 · April 24, 2023, 4:57pm

It turned out that my program works, but not on all APIs.
For example, the program returns data at these APIs (ZOOM_USER_03 - it email for user):

zoom_api_endpoint_client_url = f"{ZOOM_API_URL}/users/{ZOOM_USER_03}"
zoom_api_endpoint_client_url = f"{ZOOM_API_URL}/roles"
zoom_api_endpoint_client_url = f"{ZOOM_API_URL}/accounts/me/trusted_domains"

But for such an API, it returns the error I specified:

zoom_api_endpoint_client_url = f"{ZOOM_API_URL}/accounts/999999/settings"

All APIs where is {accountId}. I created the application on behalf of the account owner and looked up his {accountId} in his profile as “Account No.” But it doesn’t work, I get this error.

Topic		Replies	Views
124 Invalid access token API and Webhooks	6	2467	November 6, 2020
{"code": 124, "message": "Invalid Access Token"} API and Webhooks	2	558	January 8, 2021
Error message [code] => 124 [message] => Invalid access token API and Webhooks	7	4005	September 14, 2020
Problem with: Invalid access token API and Webhooks	2	1492	January 16, 2021
Oauth Server 2 Server Call. Code 124 error invalid Token API and Webhooks	4	249	January 15, 2024

Error when accessing the api - 124 Invalid access token

Related Topics