Getting Invalid request : Redirect URI mismatch while hitting the access token API

I’m trying to install a sample app for local dev work. My client-Id generated is -cuD2Rtm0Rb6fHbRlp3WVA. On the final step, when I try to install, I get redirected to my redirect URI - http://localhost:7010/sg50/v2/zoom/zoomToken, but on trying to hit the access token call, it gives a redirect URI mismatch error.


Error Status - 403
Error Desc - {“reason”:“Invalid request : Redirect URI mismatch.”,“error”:“invalid_request”}

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Start an app creation from marketplace. Fill in details
  2. At the install step, when I get redirected to my localhost URI, and hit the access token end point, the error is produced

Hey @tverma,

It appears you are passing the code in twice which is confusing the flow because it is attached to the redirect uri:



Hey @tommy

Thanks for the guidance here. Along with removing the extra query param for code, I had to channel localhost via a tunneling proxy as well. This helped me in generating access token. Another question I had was, the scopes to access any API have and AND between them or an OR. For e.g., I wanted to get meeting details by meeting Id. For which I used the following curl:

curl --location --request GET '' \
--header 'Authorization: Bearer access_token' \
--header 'Cookie: _zm_page_auth=aw1_c_NGuHCqnoRUCzeOw9VLkfaA; _zm_ssid=aw1_c_Y3jhOwPdSqK1gFay7Tqfng; _zm_mtk_guid=27f0208193e14f098edd05dd14edea1e; _zm_o2nd=f43203ee1aab066698a9448bafd9b274; cred=2144FB780DC1B0D3CCC8727E69C24959; _zm_date_format=mm/dd/yy; _zm_ctaid=ksGeER1mSDCC9f93Fa5Phw.1587372861680.d97f5e7bfd47118e5669df5d75a2fa8b; _zm_chtaid=756'

Got the following response:

    "code": 4700,
    "message": "Invalid access token, does not contain scopes: [zms:meeting:read, meeting:read:admin, zms:meeting:write, meeting:write:admin]"

My access token has the following scope:
“scope”: “meeting:read meeting:write recording:read recording:write user:read user:write user_profile webinar:read webinar:write”

Hey @tverma,

Simply replace the userID in the path with the word me.

Here is info on the me context: