How to user Server-to-Sever OAuth app with Postman

How to use our Server-to-Server OAuth with Postman?

As some of you might be aware of, our JWT app is being deprecated by June 2023 and we encourage you to migrate to the newly introduced Server-to-Server OAuth App

That being said, here is a quick and simple guide on how to use or new app with Postman

As stated in our documentation here:

This new app type facilitates OAuth-authenticated requests between servers without end-user involvement. And this grant type enable your private server application to get your account owner access token without user interaction.

To start using this App, the Administrator for your Zoom account or the Owner of the account must enable the view and edit permissions for Server-to-Server OAuth app by going to
User Management > Roles > Role Settings > Advanced features

Once those permissions are enabled, you will be able to see the app in your Marketplace Dashboard.

Once the app is created and you have added the scopes that you want to include as well as Features (event subscriptions) that you want to add then you can go ahead and activate your app in your account.

Feel free to follow along on the Steps on How to Create a Server-to-Server OAuth app here:

Now, it is time to get started and use Postman with our newly created app.

Step 1

Create a new Post request to https://zoom.us/oauth/token

Step 2

Add the following Query Params “grant_type=account_credentials” and “account_id={account_id}”

(Grab your account_id from the App credentials Tab in your newly created app)

So your Post request should look something like this

Step 3

Go to the Authorization Tab and select Basic Auth as the authorization type and user your Client ID as a Username and your Client SECRET as your password

(Grab those credentials from your newly created app as well)

Once that is all done, you should be able to send the POST request and you will get a response that will look something like this:

You should be able to use the access_token as a bearer token to make API calls to those endpoints that can be accessed with the scope/s set up in the Server-to-Server application.

Hope this helps to understand this new app type better and let me know if you have any questions or suggestions!

Happy coding!
Elisa :slight_smile:

1 Like

Nice @elisa.zoom ! Adding this workflow to our Postman workspace :slight_smile:

1 Like