Help Needed: Zoom Refresh & Revoke Token APIs Failing After Few Days

Hello Zoom Support,

We are experiencing an issue with the Zoom OAuth APIs for refreshing and revoking tokens. The behavior is inconsistent and seems to break after a couple of days, even when tokens should still be valid.

Problem

• Immediately after completing the OAuth flow, both the refresh and revoke APIs work as expected.
• After ~2–3 days, both APIs begin to fail with errors, even though the refresh token has not yet expired.

API calls:

Refresh token:

curl -X POST "https://zoom.us/oauth/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -u “ZOOM_CLIENT_ID:ZOOM_CLIENT_SECRET" \
  -d "grant_type=refresh_token" \
  -d "refresh_token=REFRESH_TOKEN" \
  --max-time 30

For the refresh token API, i have verified that the refresh token has not yet expired. We are storing valid/latest refresh tokens in our db.

Revoke Access Token:

curl -X POST "https://zoom.us/oauth/revoke" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -u "ZOOM_CLIENT_ID:ZOOM_CLIENT_SECRET" \
  -d "token=ACCESS_TOKEN_TO_REVOKE" \
  --max-time 30

For the revoke access token api, i believe that the API should work even if the access token is expired.

This issue prevents our integration from handling token lifecycles correctly and is blocking us. It would be really helpful if you could provide us guidance on how to fix this. Thank you so much and looking forward to hearing back.

Facing the same issue!

Hi, would really appreciate some help on this! Thanks!

Hi @Shreya1
Thanks for reaching out to us and welcome to the Zoom Developer Forum.
I am happy to look further into this issue

Could you please confirm the app has not been removed and reauthorized in the process of you refreshing the access token?

I will send you a DM so you can share more details with me

Hello, thank you for reaching out! Yes, the app has not been removed and reauthorized in the process of refreshing the access token. I will send further details in the DM. Thanks!