Getting "Invalid client_id or client_secret" error while requesting oauth token

Description
I receive an error when calling https://zoom.us/oauth/token.

Error
{
“reason” => “Invalid client_id or client_secret”,
“error” => “invalid_client”
}

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth

Which Endpoint/s?
https://zoom.us/oauth/token

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Following “OAuth with Zoom” guide on https://marketplace.zoom.us/docs/guides/auth/oauth, I get past step 1 (Request User Authorization) and am on step 2 (Request Access Token).
  2. When I call https://zoom.us/oauth/token with the specified query in the docs, I get the error as copy-pasted in the Error section.

Screenshots (If applicable)
This is my app: (I don’t see test vs production details? This is the only section I see)

Additional context
This is my code in Ruby:
I am using HTTParty here, but I get the same error in other ways to make the same POST call.

authorization_code = params[:code]

uri = 'https://zoom.us/oauth/token?'\
  "grant_type=authorization_code&code=#{authorization_code}&"\
  "redirect_uri=#{ENV['ZOOM_REDIRECT_URL']}"

auth_header = Base64.strict_encode64("Client_ID:#{ENV['ZOOM_CLIENT_SECRET']}")

response = HTTParty.post(
  uri,
  headers: {
    'Authorization' => "Basic #{auth_header}"
  }
).parsed_response

“auth_header” is a string that looks like this: Q2xpZW50X0lEOmdqa3hkMmUwSUVkQzBXXXXXXXXXXXXXXXX

Is there a place where we can view the call to Zoom and a detailed response for debugging?

Hey @julie1

Thanks for posting on the Zoom Devforum! I am still learning, but I will try my best to help answer your question. :slightly_smiling_face:

Checkout this related thread that may have the answer you are looking for:

If this thread did not help, please let us know by replying back here and someone from the Developer Relations team will get back to you shortly.

Thanks,
DeveloperBot

I found my mistake. The above should have been Base64.strict_encode64("#{EMV['ZOOM_CLIENT_ID']}:#{ENV['ZOOM_CLIENT_SECRET']}") and not the hardcoded “CLIENT_ID”.

Still I have a few questions remaining:

  • Is there a place where we can view the call to Zoom and a detailed response for debugging?
  • In my app settings, I only see one set of credentials instead of one for testing and another for production. Is this intentional?

Thank you.

Hey @julie1,

I’m glad you figured it out! Happy to answer your other questions.

Is there a place where we can view the call to Zoom and a detailed response for debugging?

Yes, you can view the logs for recent API requests in your Marketplace account, on the left hand side:

In my app settings, I only see one set of credentials instead of one for testing and another for production. Is this intentional?

Is your app intended to be published? If you don’t mark your app as “intend to publish: yes” when you create it, you will only see one set of credentials, which is expected.

Let me know if this helps!

Best,
Will

Hi @will.zoom, thanks for your reply.

Yes, you can view the logs for recent API requests in your Marketplace account, on the left hand side:

Unfortunately I don’t see the relevant link on the left hand side, can you elaborate? On https://marketplace.zoom.us/ I only see links related to the marketplace itself, and in my app details page I don’t see any link to view logs:

Is your app intended to be published? If you don’t mark your app as “intend to publish: yes” when you create it, you will only see one set of credentials, which is expected.

This makes sense, thanks.

Another question I have is: is it possible to manually trigger webhook events for development and testing purposes?

Thanks.

Hey @julie1,

In regards to viewing call logs, do you have admin or marketplace privileges for your account? This is likely why you’re not seeing this. You can request these from your Account Administrator.

In terms of testing webhooks, you’ll need to actually complete an action in Zoom for this to be triggered (i.e., start a meeting, let a recording complete, etc.). We don’t have a test trigger at this time, though this is a great suggestion!

Let me know about the first question when you have a chance. :slight_smile:

Best,
Will

Hi @will.zoom, yes I have made many API requests using my app credentials.

Hey @julie1,

In regards to viewing call logs, do you have admin or marketplace privileges for your account? This is likely why you’re not seeing this. You can request these from your Account Administrator.

Best,
Will

Thanks @will.zoom, becoming an admin did the trick.

Hey @julie1,

I’m glad that resolved the issue. :slight_smile:

Best,
Will

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.