Getting Invalid request : Redirect URI mismatch while hitting the access token API

API and Webhooks
1

Description
I’m trying to install a sample app for local dev work. My client-Id generated is -cuD2Rtm0Rb6fHbRlp3WVA. On the final step, when I try to install, I get redirected to my redirect URI - http://localhost:7010/sg50/v2/zoom/zoomToken, but on trying to hit the access token call, it gives a redirect URI mismatch error.

Error
URI - https://zoom.us/oauth/token?grant_type=authorization_code&code=w8YtiVLFCQ_cyE09hxJSoi7NgO5lXEP5Q&redirect_uri=http%3A%2F%2Flocalhost%3A7010%2Fsg50%2Fv2%2Fzoom%2FzoomToken%2F%3Fcode%3Dw8YtiVLFCQ_cyE09hxJSoi7NgO5lXEP5Q

Error Status - 403
Error Desc - {“reason”:“Invalid request : Redirect URI mismatch.”,“error”:“invalid_request”}

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth

Which Endpoint/s?
https://zoom.us/oauth/token

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Start an app creation from marketplace. Fill in details
  2. At the install step, when I get redirected to my localhost URI, and hit the access token end point, the error is produced
2

Hey @tverma,

It appears you are passing the code in twice which is confusing the flow because it is attached to the redirect uri:

redirect_uri=http://localhost:7010/sg50/v2/zoom/zoomToken/?code=w8YtiVLFCQ_cyE09hxJSoi7NgO5lXEP5Q

Thanks,
Tommy

3

Hey @tommy

Thanks for the guidance here. Along with removing the extra query param for code, I had to channel localhost via a tunneling proxy as well. This helped me in generating access token. Another question I had was, the scopes to access any API have and AND between them or an OR. For e.g., I wanted to get meeting details by meeting Id. For which I used the following curl:

curl --location --request GET 'https://api.zoom.us/v2/users/cyE09hxJSoi7NgO5lXEP5Q/meetings' \
--header 'Authorization: Bearer access_token' \
--header 'Cookie: _zm_page_auth=aw1_c_NGuHCqnoRUCzeOw9VLkfaA; _zm_ssid=aw1_c_Y3jhOwPdSqK1gFay7Tqfng; _zm_mtk_guid=27f0208193e14f098edd05dd14edea1e; _zm_o2nd=f43203ee1aab066698a9448bafd9b274; cred=2144FB780DC1B0D3CCC8727E69C24959; _zm_date_format=mm/dd/yy; _zm_ctaid=ksGeER1mSDCC9f93Fa5Phw.1587372861680.d97f5e7bfd47118e5669df5d75a2fa8b; _zm_chtaid=756'

Got the following response:

{
    "code": 4700,
    "message": "Invalid access token, does not contain scopes: [zms:meeting:read, meeting:read:admin, zms:meeting:write, meeting:write:admin]"
}

My access token has the following scope:
{
“scope”: “meeting:read meeting:write recording:read recording:write user:read user:write user_profile webinar:read webinar:write”
}

4

Hey @tverma,

Simply replace the userID in the path with the word me.

https://api.zoom.us/v2/users/me/meetings

Here is info on the me context:

https://marketplace.zoom.us/docs/guides/auth/oauth#me-context

https://marketplace.zoom.us/docs/api-reference/zoom-api/meetings/meetings

Screen Shot 2020-04-21 at 1.19.13 AM
Screen Shot 2020-04-21 at 1.19.13 AM1078×90 9.62 KB

Thanks,
Tommy