Recently some gateway timeouts occurred which caused some of our customers to lose the current refresh_token during “transport” and the old refresh_token became invalid before we could save the new access_token and refresh_token which makes it impossible to get a new access_token after the timeout because the old refersh_token is not valid anymore and the api request response is “invalid token”.
Our app is a background application which doesnt have any front-end action execpt the authorization flow and works with users account (for expamle create zoom meeting on behalf the user). So, the person that would have to re-authorize the application is our customer. We can’t be going to the customer and asking them to re-authorized our application. It’s a bad user experience for them and us.
I was reading some articles (here in the dev forum) that there is an option to increase the refresh_token tolerance and would like to ask if this is still an option and what we have to do to increase this tolerance.
We can increase token tolerance on case by case basis. Can you open a ticket with our developer support here (Sign In - Zoom) so that they can assist you?
When your app gets an invalid token error ), trigger the authorization flow again. This will prompt the user to reauthorize once, which is smoother than constant failed requests.
this topic is almost 2 years old. But I will reply: This doesn’t help if a customer wants to book a meeting because you can’t show the customer the authorization flow. The authorization flow is just useful for the zoom account owner but not the customer who wants to book a meeting. And if you have a gateway timeouts (or other issues) during the booking process then it is a bad UX because the app cannot create the zoom room automatically. I hope I could explain you the use case.
But however, this issue was solved perfectly by the zoom team and it works like a charm.