I am getting 401 error on an inconsistent basis by calling Zoom API, using JWT for server-server authentication

Using this template helps us debug your issues more effectively :slight_smile:

I am calling Zoom APIs for creating, updating, and deleting zoom meetings. I am calling Zoom APIs via axios library and I am using the following API request

const { status, data } = await axios.post(
        params: {
          status: 'active',
        headers: {
          Authorization: `Bearer ${token}`,
          'content-type': 'application/json',
        withCredentials: true,

This the test application ID (‘MY6HUKesQv6qTwwmbUCrtA’) using JWT in order for me to perform server-server integration. Sometimes, I get 401 error in calling Zoom API calls for example when I call delete endpoint for deleting zoom meetings, I get 401 error consistently but when I call another API endpoint namely; get request for Zoom, then it works without any issues and interestingly, I can call delete API without any issues

401 error on an inconsistent basis when calling Zoom APIs.

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?
DELETE /meetings/{meetingId}
GET /meetings/{meetingId}

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Request URL / Headers (without credentials) / Body
  2. See error

Screenshots (If applicable)

Additional context
Add any other context about the problem here.

Hi @Daniyal_Khan ,

Happy to help!

Are you saying that when you make a GET request first and then a DELETE request, it works. But if you just call the DELETE request it doesn’t work?

Thank you,

Hi @gianni.zoom I figured out the issue, the problem is in the following line of code

const payload = {
  iss: process.env.ZOOM_JWT_API_KEY,
  exp: Math.floor(Date.now() / 1000) + 60 * 60, //*expiry is set to one hour

now since I restarted my server every now and then due to the addition of new features, payload was created again leading to my misunderstanding of inconsistent API calls whereas it worked perfectly before.

Should I request for a refresh token after payload has expired or do I need to generate a separate payload for each API request

Hey @Daniyal_Khan,

Awesome! I’m glad to hear that you were able to resolve the issue.

When it comes to JWT, there actually isn’t a refresh token. Instead, you would want to regenerate the JWT token with a new expiration.

When it comes to an OAuth App, you would wan to use the refresh token before the current access token expires otherwise the app will need to be reauthorized.

I hope that helps! Let me know if you have any questions.


Thanks @MaxM, I resolved the issue by issuing JWT token on each login with an expiry date equal to the expiry date of the session cookie itself. I copied zoom github repo that contained the code of Nodejs JWT and I forgot to regenerate the JWT token.

Daniyal Talat

Hey @Daniyal_Khan,

Awesome, I’m glad to hear that you were able to resolve the issue! Thanks for sharing what worked for you here.

I’ll go ahead and close this topic now but feel free to open a new topic if you encounter any further issues or questions.



I’m facing the similar issue while calling the GET/list of users api from Salesforce and the issue is inconsistent. When I hit the api the next minute after getting the error it works just fine without refreshing any token or stuffs.

Edit : I’m using OAuth App

Hey @simran.na.sah,

Are you making many requests to the /oauth endpoint around the same time? If you continue to see this consistently, let us know.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.