Installation error for ZoomX user

Zoom Apps Configuration
Our app is running on node.js backend and a combination of VanillaJS/AngularJS/React microfrontends. The issue happens during installation, so the only relevant code here is our node.js backend.

Description
The installation works correctly for normal Zoom users. However, when I as a ZoomX user (German Telekom version of Zoom; user is created here: https://eu02web.zoom.us/ ), the installation process fails. We are using the traditional web-based installation.

The issue: we get a 400 response when making a request to “https://zoom.us/oauth/token”, in order to exchange authorization code for token. We could not find any meaningful data in the response, aside from the HTTP response code. This code is a part of the authentication process mostly copied from the example app provided to us, and it works normally, just not with the ZoomX user.

Full request URL (except for the sensitive data): https://zoom.us/oauth/token?grant_type=authorization_code&redirect_uri=https%3A%2F%2Fzoomapp.linkando.com%2Fzoomapp%2Fauth&code=<AUTH_CODE>

Maybe we need a different API domain when working with ZoomX users? Is it possible to have a universal app which would work correctly for both types of users?

Error?

2022-10-14T02:23:36.445840825Z 3. Exchange authorization code for tokens
2022-10-14T02:23:36.445876726Z Making request to "https://zoom.us/oauth/token"...
2022-10-14T02:23:36.860399270Z Custom error handler: error: Error: Request failed with status code 400
2022-10-14T02:23:36.860441771Z     at createError (/home/node/app/node_modules/axios/lib/core/createError.js:16:15)
2022-10-14T02:23:36.860447471Z     at settle (/home/node/app/node_modules/axios/lib/core/settle.js:17:12)
2022-10-14T02:23:36.860451471Z     at IncomingMessage.handleStreamEnd (/home/node/app/node_modules/axios/lib/adapters/http.js:269:11)

How To Reproduce

• Create a ZoomX user;
• Try to install the app;
  Expected: successful installation
  Actual: 400 error

@tkishkin thanks for the really helpful and specific info here. We’re looking into it.

@tkishkin This is an issue involving this new cluster (https://eu02web.zoom.us/). Evidently, it is under testing and issues are to be expected. We’ll keep our eyes peeled and let you know of any updates. Thx for your patience.

@tkishkin Is this still an issue? Early/internal testing of the fix is positive. If you’re able to confirm on your end, with thanks.

Hi Jon! Thank you for your response!
We’ve tried installing our app again, with the same ZoomX user. Still receiving error response:

Error: Request failed with status code 400

Our request: https://zoom.us/oauth/token?grant_type=authorization_code&redirect_uri=https%3A%2F%2Fzoomapp.linkando.com%2Fzoomapp%2Fauth&code=<AUTH_CODE>

This time I’ve found the following piece of information in the response:

data: { reason: 'Invalid authorization code', error: 'invalid_grant' }

Not sure if it was there last time.

What would you suggest?

@tkishkin Thanks again for the helpful details. It looks like you’re no longer impacted by the cluster issue, which is good news.

The error you’re seeing has to do with your oauth against the zoom.us oauth endpoints. There are severable searchable posts on the forum on this issue. Here is one of them: Cannot renew access and refresh token (invalid_grant)

The docs on OAuth with Zoom are here: OAuth with Zoom

see here: Unable to exchange token during in-client oauth flow (and other issues) - #2 by ash.provost

Hi @ash.provost , @JonStewart ,

Thank you for the advice! Unfortunately, we are still struggling with it.

We just confirmed that for a normal user (freshly created from https://zoom.us/) the app installation works correctly, as always. Token exchange code works without errors, and the user is redirected back to the app via direct link after installing the app from the browser.

But for our ZoomX user, after installing the app, our app crashes with ‘invalid_grant’ error upon request to https://zoom.us/oauth/token. The app is still installed after that, but our authorization process gets interrupted, which leads to further issues.

We also could reproduce the same behavior in Zoom Apps from other publishers (I can give examples in our Zoom chat if needed - not sure if it’s OK to provide info about other apps on this public page). Our normal user can install these apps, but when the ZoomX user tries exactly the same, the installation process is interrupted with an error.

Is it possible that there is still some issue with the cluster configuration? As our code works correctly in the classic environment. And the same issue is reproduced in other apps. Maybe the authorization code issued for ZoomX user doesn’t get recognized by the US server - just a guess?

I’ve also read the links that you provided. But not sure how these solutions could be applied to our case. We get an error on the stage of exchanging auth code to a token, not during refreshing of a token (like in the case of housing_ring user). And we are using the classic in-browser authorization, as opposed to the in-client authorization (like in the case of seshandrew user).

Maybe you have other suggestions?

Thanks again!

We will pass this information along to those who are debugging this cluster. Thank you for your insights

The team found the root cause of the issue. Current target is to have a fix deployed on the 12th

Update here: Our devops team is targeting deploy to fix this issue on Nov 12. Very sorry for the inconvenience

@ash.provost @JonStewart It looks like the issue is gone. We’ve managed to install the app for ZoomX user. I assume the fix was delivered? Thank you!