Incorrect client-id/secret

API and Webhooks
1

Hello, previously on other account I created app on marketplace and successfully
authenticated by Server-to-Server OAuth and were getting access token a few days.

And today with same credentials I can’t to get access token, nothing has changed for credentials during that period while were researching API. Now I’m getting 400 response status and body:

{
    "reason": "Invalid client_id or client_secret",
    "error": "invalid_client"
}

I tried to regenerate client secret at app page and I’m getting message fail_to_regenerate_secret and at network it shows 500 response status.

Created another app and there everything is working fine, but not sure what caused that issue and after that issue basically I can’t use that application and have to move every scopes from first app to second app.

Thanks

2

Hi @peterculazh
Thanks for reaching out to us.
Could you make sure that you are using the account_credentials as the grant type?
You can check out this guide to make sure you are making the request correctly:

3

Hello, checked and grant_type: "account_credentials" is always were there once I did first successful authentications a few days ago.

Issue still persist for first application and I described details in first message, there code that I did just for researching how to do s2s ouath:

const main = async () => {
  const clientID = `...`;
  const clientSecret = `...`;

  const clientIdSecretBase64 = Buffer.from(
    `${clientID}:${clientSecret}`
  ).toString("base64");

  const response = await axios.post(
    "https://zoom.us/oauth/token",
    {
      grant_type: "account_credentials",
      account_id: `...`,
    },
    {
      headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        Authorization: `Basic ${clientIdSecretBase64}`,
      },
    }
  );

  console.log(response);
};

main();

So both with that code or Postman, for first application I’m getting 400 status (and 500 status for regenerating client secret) and for second application I receiving access token as expected. But there no way to get 400 status on first app cuz I’m using correct credentials (copy-pasting every time)

4

@peterculazh I’m doing something like this, hope it helps

// Function to fetch a bearer token
async function fetchBearerToken() {
  try {
    // Create a Basic Authorization header with client credentials
    const credentials = Buffer.from(`${process.env.ZOOM_S2S_CLIENT_ID}:${process.env.ZOOM_S2S_CLIENT_SECRET}`).toString('base64');
    const apiUrl = `https://zoom.us/oauth/token?grant_type=account_credentials&account_id=${process.env.ZOOM_S2S_ACCOUNTID}`;
    
    // Define the token request parameters
    const tokenRequestData = {
      method: 'POST',
      url: apiUrl,
      headers: {
        'Authorization': `Basic ${credentials}`,
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      
    };

    // Send the token request
    const response = await axios(tokenRequestData);

    // Extract the access token from the response
    const accessToken = response.data.access_token;
    // Return 
    return accessToken;
   
  } catch (error) {
    return error.message;
  }
}
1 Like
5

Hello, thanks for responses. As I said, code was working fine and started at some moment receiving 400 status and message Invalid client_id or client_secret without changing code.

Today I faced same issue on another application that I’ve created at same day as first application broke and started receiving 500 status too while trying to regenerate client secret or change scope.

I’m not sure how I achieved to broke application, because used just a few endpoints: Server-to-Server OAuth, creating/deleting meetings endpoints and once used endpoint for receiving ZAK token for specified account.

6

Hi there.

I have exactly de same problem, the app works fine and suddently just get broken. Could you solve this ???