Hi @donte.zoom , as I already mentioned in the community forum, a fix was found thanks to your suggestion. All I had to do was to add under “OAuth Allow Lists” the URL of the page from which the zoomSdk.authorize call was being made. In my case, https://zoom-cross-tenant.staging-linkando.com/zoomapp.
Indeed, the documentation mentiones: "under the OAuth allow list section, add your app’s Home URL". The confusion in my case was due to the fact that my home URL redirects the user further to another subdomain, and only after that the zoomSdk.authorize is called. Maybe it’s worth rewording the documentation slightly to avoid such confusions.
Another adjustment I had to do was to send the current page URL (again, .../zoomapp) as redirect_uri when requesting https://zoom.us/oauth/token from the server. Initially I used to send my main OAuth Redirect URL like in in-browser auth, which led to invalid_grant error. Similar to this issue in another user’s forum post.
Thanks for the support @donte.zoom !