Incorrect error message "Invalid redirect url" during OAuth authorization

API and Webhooks
1

Description/Error
We have a fully working integration that is successfully creating meetings on behalf of our users so we are confident that the configuration (including the redirect_url) is all set up correctly. However, if a user enters the incorrect credentials when logging into the Zoom sign-in page (https://zoom.us/oauth/signin) then the user is re-directed to a page with an error message that reads “Invalid redirect url (4, 700)”.

Which Endpoint/s?
https://zoom.us/oauth/authorize

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Load the URL https://zoom.us/oauth/authorize?response_type=code&client_id={clientId}&redirect_uri={redirectURL} without being logged into a zoom account.
  2. Redirected to the login page https://zoom.us/oauth/signin?_rnd={randomNum}&client_id={clientId}&redirect_uri={redirectURL}&response_type=code
  3. Type in a valid Zoom account with an incorrect password
  4. Redirected to a page with an error message reading “Invalid redirect url (4,700)” rather than any indication of entering incorrect credenials

Screenshots (If applicable)

38%20AM
38%20AM1273×666 23.9 KB
48%20AM
48%20AM1273×666 39 KB

Additional context
As stated previously, this works properly if the correct credentials are entered so we know that the redirect URL is correct.

2

Hey @ansell,

Wow nice find! This is defiantly a bug and we will work asap to fix it! JIRA: ZOOM-119463

I will post back here with updates!

Thanks,
Tommy

3

I am having the same problem. Any update on the progress of this fix?

4

Hey @ROHAN_KHAJURIA,

Our team is looking into it. I will post back here with updates.

Thanks for your patience,
Tommy

5

Hey @ROHAN_KHAJURIA, and @ansell,

We are releasing this fix at the end of this month (Dec).

Thanks,
Tommy

6

Hi @Tommy has this issue been resolved? I am getting the same error

7

Hey @tawandabrandon,

This issue was fixed in dec. Can you share steps to reproduce?

Thanks,
Tommy

8

Hi Tommy,
How are you?
I’m working on Zoom integration and I’m getting the same error when I try to use the ClientId 1q3Fw8wBQLg9qvB0pnsFQ
The error occurs when I try request user authorization.

Note 1: I implemented that part using like guideline this documentation https://marketplace.zoom.us/docs/guides/auth/oauth.
Note 2: I created a new App (GWu_IhzZSySH6FJmtWTx5g) using the same account and for this App, the authorization is working fine
.

9

Hey @mmijovilcevich,

Which error occurs? The invalid redirect?

Make sure your redirect URL matches your whitelist URL.

Thanks,
Tommy

10

Hey Tommy!

Yes, the error “Invalid redirect url (4,700)”.
I had already added the redirect URL in “Whitelist URL”. Even with the redirect URL in the whitelist, I still having the “Invalid redirect url” error.

Could you help me, please?
Thanks,
Mario

11

Hey @mmijovilcevich,

Can you share your OAuth request URL and screenshots of your redirect url and whitelist url in the marketplace?

Thanks,
Tommy

12

Hey Tommy,

Here are the screenshots you requested (since I’m a new user I can upload just one image):

ZoomApp
ZoomApp1868×1800 296 KB

This is the complete URL that I can see on my browser after the error:

Sign In | Zoom

As you can see, the redirect_uri is the one I sent on my request (as URL encoded format)
Thanks,
Mario

13

Hey @mmijovilcevich,

Can you try without your state query param to see if that works?

I think since your state query param is not url encoded it is breaking the flow.

Thanks,
Tommy

14

Hey @tommy,

I already did that test and it didn’t work.
The error seems to be directly related to the application given that I’ve created other applications in the same account, with the same configuration, running the same request and they work correctly.
(You can take a look for example at the application with clientid GWu_IhzZSySH6FJmtWTx5g)

Thanks,
Mario

15

Last week the redirect url and authorization worked for me and now I too am getting this “Invalid redirect url (4,700)” error.

The only thing I did was proceed with the process of publishing the app.

16

Hey @mmijovilcevich, @bizstim.apps,

Can you try regenerating your publishable or test url and seeing if that fixes the issue?

Thanks,
Tommy

17

Hey @tommy

I already did that with not luck. I created a new application in another account, using exactly the same information and it worked fine. Everything indicates that the problem is in that specific app.
Could you please investigate if the app with ClientID 1q3Fw8wBQLg9qvB0pnsFQ (Dev)
ClientID C0rNV8dRWm0_rJ7I90iMg (Prod) has any problem?

Thanks!

18

Hey @mmijovilcevich,

Strange, I will look into why that app is having issues.

Thanks,
Tommy

20

Hey @mmijovilcevich,

I attempted to install your app (C0rNV8dRWm0_rJ7I90iMg) on your account, and I did not see a redirect url error.

I did see this though:

Screen Shot 2020-04-16 at 11.34.23 AM
Screen Shot 2020-04-16 at 11.34.23 AM3584×2278 332 KB

Are you getting the redirect error when installing the dev or prod version?

Thanks,
Tommy

22

Hey @tommy,

You get that error because ZoomOAuthRedirect is expecting an additional query param: state (it can’t be null). In our workflow, redirect_uri includes the state query param.

Thanks,
Mario