Get Access Token not working in Server-to-Server OAuth

API Endpoint(s) and/or Zoom API Event(s)

Previously I used JWT Token to create/delete meetings. But because it was no longer used, I finally decided to use Server-to-Server OAuth. But for the past 4 days I have been having problems with not being able to get the access token, I always get a response like this:

“reason”: “unsupported grant type”,
“error”: “unsupported_grant_type”

I have followed the steps to enable and assign server-to-server oauth to my account according to the following documentation link: Internal apps (Server-to-server)

And I have published the position of the App that I created on Zoom, but the response is still like that


How To Reproduce

  1. Hit Get Access Token API with Account ID, Client ID and Client Secret from App in Zoom
  2. Use basic auth for authentication
  3. Use the access token obtained from the Get Access Token API to be able to use the Create/Delete Meeting API

@rizaldimaulidia could you share what programming language are you using, and do you have a sample code for this?

@rizaldimaulidia Hope you will be fine.

Here are the sessions regarding OAuth :point_down:

Zoom Integration OAuth App Part 1
Zoom Integration OAuth App Part 2

Here :point_down: are the sessions regarding how to schedule meetings using REST API

Create Zoom Meeting - (REST API)
How to Create password less Zoom Meeting -(REST API)
How to Enable Zoom Meeting Registration - (REST API)

Here are the sessions regarding WebSDK Integrations

@chunsiong.zoom I used PHP. Before implement the code, I want to test it via Postman. And that what I got. Here is a PHP code that I got from Postman :


$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => '',
    'Content-Type: application/x-www-form-urlencoded',
    'Authorization: Basic xxx',
    'Cookie: _zm_mtk_guid=7078053ec84f468b9b675039ee628f2b'

$response = curl_exec($curl);

echo $response;

Fyi, This postman collection I got from Zoom Docs

Thanks @freelancer.nak . I will try it


I’m doing something like this for php and S2S oauth


$config = include 'config.php';

// Access the environment variables
$clientId  = $config['s2s_oauth_client_id'];
$clientSecret  = $config['s2s_oauth_client_secret'];
$accountId= $config['s2s_oauth_account_id'];
$oauthUrl = '' . $accountId;  // Replace with your OAuth endpoint URL

    global $clientSecret, $clientId, $oauthUrl;

    try {
        // Create the Basic Authentication header
        $authHeader = 'Basic ' . base64_encode($clientId . ':' . $clientSecret);
        // Initialize cURL session
        $ch = curl_init($oauthUrl);

        // Set cURL options
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: ' . $authHeader));

        // Execute cURL session and get the response
        $response = curl_exec($ch);

        // Check if the request was successful (status code 200)
        $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        if ($httpCode == 200) {
            // Parse the JSON response to get the access token
            $oauthResponse = json_decode($response, true);
            $accessToken = $oauthResponse['access_token'];
            //return $accessToken;
            http_response_code(200); // Replace 200 with your desired status code
            // Set the "Content-Type" header to "application/json"
            header('Content-Type: application/json');
            echo json_encode($accessToken);
        } else {
            echo 'OAuth Request Failed with Status Code: ' . $httpCode . PHP_EOL;
            echo $response . PHP_EOL;
            return null;

        // Close cURL session
    } catch (Exception $e) {
        echo 'An error occurred: ' . $e->getMessage() . PHP_EOL;
        return null;