How to refresh token if refresh_token in incorrect

Hello,

My app properly goes through described process https://developer.zoom.us/docs/oauth/, but in some point of time it didn’t handle refresh and store new refresh_token during few parallel processes.

Could you please let me know how to refresh token if stored refresh_token is already inactive?

Thanks

Hi @romanio,

Refresh tokens have a lifetime of 15 years, you should still be able to use the refresh_token to get a new access token [0].

0 - https://marketplace.zoom.us/docs/guides/authorization/oauth-with-zoom#refresh-access-token

Thanks

Hi @Michael_Purnell,

I didn’t manage to store new refresh_token as documented “Please make sure that you store the new refresh token as well when refreshing the access tokens.”.

So what my app did:

  1. Got token and saved token and refresh_token, let’s call v1
  2. In one hour it refreshed token using refresh_token.v1 and saved token and refresh_token v2
  3. The app made request to refresh token with refresh_token.v3 and didn’t manage to save new token and refresh_token
  4. The app going to refresh token but only have refresh_token.v3, the api respond with error that refresh_token is invalid.

Can I somehow renew token if I have only refresh_token.v3 and didn’t manage to save tokens from attempt v4?

Thanks

Hi @Michael_Purnell,

Can you please help to get new token if last refresh_token is missed but I have previous before last.

Thanks

Hi @romanio,

If you don’t have the refresh token, you will need to re-authenticate to get a new access token along with refresh token.

Thanks

Is there no other way to get a valid refresh token? Our application is a back-end application that retrieves data for multiple tenants/Zoom accounts. It is not always an option to ask the customer to re-authorize our application for data extraction. I’ve got the most recent first time access code (code = xxxx from redirect). But, I can’t even use that first time access code to re-request the first time access token. The Zoom auth server tells me that even the first time code value is invalid. Summary: access token is expired, Refresh token is invalid and first time access code is invalid. So, if we have an issue saving the latest refresh token, then we are dead in the water? Seems harsh for multi-tenant/account applications.

Hi @katyle,

Right now the only way to get the refresh token is to have the user re-authenticate the app. The most recent access code can only be used to retrieve it’s respective access and refresh tokens and not the previous ones. Refresh tokens has a expiration date of 15 years and the only way they are invalid is if there was another access & refresh token generated afterwards.

Is there a reason why the most recent refresh token was not saved?

Thanks

A new access token and refresh token were saved in Key Vault at around 9:44 PM on the 17th, Pacific time. But, this token was giving us an odd error when we tried to use it to authenticate with. I then tried “rolling back” to the previous access token and
refresh token, since Azure Key Vault saves versions of secrets. But, this token was, of course, already expired. Do you want me to send the access token and refresh token that was giving us the odd error?

Katy

This message (including any attachments) contains confidential information and is for the sole use of the intended recipient. If you believe that you have received this email in error, please destroy it and notify the sender immediately.

Hi @katyle,

Sure, you can send us the information to developersupport@zoom.us and we’ll take a look.

Thanks