Hello,
My app properly goes through described process https://developer.zoom.us/docs/oauth/, but in some point of time it didn’t handle refresh and store new refresh_token during few parallel processes.
Could you please let me know how to refresh token if stored refresh_token is already inactive?
Thanks
Hi @romanio,
Refresh tokens have a lifetime of 15 years, you should still be able to use the refresh_token to get a new access token [0].
0 - https://marketplace.zoom.us/docs/guides/authorization/oauth-with-zoom#refresh-access-token
Thanks
Hi @michael_p.zoom,
I didn’t manage to store new refresh_token as documented “Please make sure that you store the new refresh token as well when refreshing the access tokens.”.
So what my app did:
Can I somehow renew token if I have only refresh_token.v3 and didn’t manage to save tokens from attempt v4?
Thanks
Hi @michael_p.zoom,
Can you please help to get new token if last refresh_token is missed but I have previous before last.
Thanks
Hi @romanio,
If you don’t have the refresh token, you will need to re-authenticate to get a new access token along with refresh token.
Thanks
Is there no other way to get a valid refresh token? Our application is a back-end application that retrieves data for multiple tenants/Zoom accounts. It is not always an option to ask the customer to re-authorize our application for data extraction. I’ve got the most recent first time access code (code = xxxx from redirect). But, I can’t even use that first time access code to re-request the first time access token. The Zoom auth server tells me that even the first time code value is invalid. Summary: access token is expired, Refresh token is invalid and first time access code is invalid. So, if we have an issue saving the latest refresh token, then we are dead in the water? Seems harsh for multi-tenant/account applications.
Hi @katyle,
Right now the only way to get the refresh token is to have the user re-authenticate the app. The most recent access code can only be used to retrieve it’s respective access and refresh tokens and not the previous ones. Refresh tokens has a expiration date of 15 years and the only way they are invalid is if there was another access & refresh token generated afterwards.
Is there a reason why the most recent refresh token was not saved?
Thanks
A new access token and refresh token were saved in Key Vault at around 9:44 PM on the 17th, Pacific time. But, this token was giving us an odd error when we tried to use it to authenticate with. I then tried “rolling back” to the previous access token and
refresh token, since Azure Key Vault saves versions of secrets. But, this token was, of course, already expired. Do you want me to send the access token and refresh token that was giving us the odd error?
Katy
This message (including any attachments) contains confidential information and is for the sole use of the intended recipient. If you believe that you have received this email in error, please destroy it and notify the sender immediately.
Hi @katyle,
Sure, you can send us the information to developersupport@zoom.us and we’ll take a look.
Thanks
When I’m actually using the access token, I’m getting an error message which I can understand ({“code”:124,“message”:“Access token is expired.”}). But, when I’m trying to get a refreshed access token, I’m getting the following error:
“code”:124,“message”:“the token id160is outside of the token tolerance offset0. The current id is 161”.
As far as I can see from the Azure diagnostic logs, there were not any failures writing to Azure Key Vault. Is it possible that the refresh token was explicitly de-commissioned on your end?
Thanks,
Katy
This message (including any attachments) contains confidential information and is for the sole use of the intended recipient. If you believe that you have received this email in error, please destroy it and notify the sender immediately.
Hi @katyle,
No, we don’t de-commission keys on our end. Usually when you receive this message, that means the refresh token is invalid. Was there any network errors or outages?
The quickest way would be to have the customer re-auth the app to obtain a new access & refresh token.
Thanks
Thanks Michael.
Edward/Arul:
I created a ticket with MS for them to check the diagnostic logs for our Azure Key Vault. I didn’t see any store secret failures in the time frame in question. Neither did Microsoft. So, it is still a bit of a mystery. When I get a minute, I’ll write a
query to run against my Azure table logging to list key vault updates on the 18th. I realized later that the history list for Key Vault secrets that we see in the Azure portal is not easily searchable in order by date/time.
Katy
This message (including any attachments) contains confidential information and is for the sole use of the intended recipient. If you believe that you have received this email in error, please destroy it and notify the sender immediately.
I’ll update you on this thread if I glean any additional information.
Katy
This message (including any attachments) contains confidential information and is for the sole use of the intended recipient. If you believe that you have received this email in error, please destroy it and notify the sender immediately.
anything positive happened in this thread, I have the same situation but unable to tackle it
Actually, it has happened again. And this time, I got to the diagnostic logs early enough to see why. Here is what happened:
As I’ve said before, this is not a good model for a background application that does not have any interaction. Additionally, the application is multi-tenant. So, the person that would have to re-authorize the application is a customer and not an internal user. Can’t be going to the customer and asking them to re-authorized our application without any reason (e.g. no new feature set).
Hey @katyle,
Sorry to hear this happened. We can increase the tolerance limit if you would like.
Please let me know the app name.
Thanks,
Tommy
That would be great. The likelihood of a session drop in the middle of receiving the response from a OAuth token refresh request has gone up quite a bit in the past few weeks. Many customers are using Zoom conferencing more as a way to
continue to be able to work during the stay at home orders issued due to the Covid-19 outbreak (as you are already probably painfully aware of😊).
Thanks,
Katy