Invalid access and refresh token after gateway timeout


Recently some gateway timeouts occurred which caused some of our customers to lose the current refresh_token during “transport” and the old refresh_token became invalid before we could save the new access_token and refresh_token which makes it impossible to get a new access_token after the timeout because the old refersh_token is not valid anymore and the api request response is “invalid token”.

Our app is a background application which doesnt have any front-end action execpt the authorization flow and works with users account (for expamle create zoom meeting on behalf the user). So, the person that would have to re-authorize the application is our customer. We can’t be going to the customer and asking them to re-authorized our application. It’s a bad user experience for them and us.

I was reading some articles (here in the dev forum) that there is an option to increase the refresh_token tolerance and would like to ask if this is still an option and what we have to do to increase this tolerance.

I would appreciate further information.

Best regards


We can increase token tolerance on case by case basis. Can you open a ticket with our developer support here (Sign In - Zoom) so that they can assist you?