Invalid access token, does not contain scopes for Zoom Session Granular Scopes

API and Webhooks
1

Something changes today

I have an access token with granular scopes

zoom_events:read:list_events ,zoom_events:read:list_events:admin

GET https://api.zoom.us/v2/zoom_events/events?role_type=host
Authorization: Bearer {{accessToken}}
Content-Type: application/json

The response is

{
  "code": 104,
  "message": "Invalid access token, does not contain scopes:["
  zoom_events_basic: read
  ","
  zoom_events_basic: read
  :
  admin
  "]"
}

There are no granular scopes. Allowed anymore. Same call was working last on october 19

Thank you

2

Hi @zoom-sessions is this response with a newly generated, unexpired token?

4

Yes, a newly token

{
  "access_token": "xxxxxxx",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "zoom_events:write:event:admin zoom_events:delete:event:admin zoom_events:read:event:admin zoom_events:read:list_events:admin zoom_events:update:event:admin zoom_events:read:list_hubs:admin zoom_events:read:list_registrants:admin zoom_events:read:list_session_attendees:admin zoom_events:read:event_attendance:admin zoom_events:read:event_registration:admin zoom_events:read:list_session_surveys:admin zoom_events:write:session:admin zoom_events:read:list_sessions:admin zoom_events:delete:session:admin zoom_events:read:session:admin zoom_events:update:session:admin zoom_events:read:list_session_interpreters:admin zoom_events:update:session_interpreter:admin zoom_events:read:list_session_polls:admin zoom_events:update:session_poll:admin zoom_events:read:session_token:admin zoom_events:read:list_ticket_types:admin zoom_events:write:ticket_type:admin zoom_events:update:ticket_type:admin zoom_events:delete:ticket_type:admin zoom_events:read:list_registration_questions:admin zoom_events:update:registraion_question:admin zoom_events:write:ticket:admin zoom_events:delete:ticket:admin zoom_events:read:ticket:admin zoom_events:read:list_tickets:admin zoom_events:delete:exhibitor:admin zoom_events:read:list_exhibitors:admin zoom_events:write:exhibitor:admin zoom_events:update:exhibitor:admin zoom_events:read:list_sponsor_tiers:admin zoom_events:read:exhibitor:admin zoom_events:write:speaker:admin zoom_events:delete:speaker:admin zoom_events:read:speaker:admin zoom_events:read:list_speakers:admin zoom_events:update:speaker:admin zoom_events:read:list_attendee_actions:admin zoom_events:read:list_session_attendee_actions:admin zoom_events:update:batch_attendee_actions:admin zoom_events:update:batch_session_attendee_actions:admin zoom_events:read:list_coeditors:admin zoom_events:read:list_access_links:admin zoom_events:read:recording_watched:admin zoom_events:read:chat_transcripts:admin zoom_events:read:list_all_vod_channels:admin zoom_events:read:vod_channel:admin zoom_events:update:access_links:admin zoom_events:read:access_links:admin zoom_events:delete:access_links:admin zoom_events:write:access_links:admin zoom_events:read:list_session_reservations:admin zoom_events:delete:vod_channel:admin zoom_events:write:vod_channel:admin zoom_events:update:vod_channel:admin zoom_events:read:vod_registrations:admin zoom_events:read:list_hub_videos:admin zoom_events:delete:vod_channel_videos:admin zoom_events:read:list_vod_channel_videos:admin zoom_events:write:vod_channel_videos:admin",
  "api_url": "https://api.zoom.us"
}
5

Okay thank you, can you please send me the zm-tracking-id from the response headers for the request? Were there any permissions changes to your role or account that you are aware of?

6

x-zm-trackingid: WEB_0e55521b939752f6e5d56840b1b9abd8

Were there any permissions changes to your role or account that you are aware of? Answer is no

7

I also tried adding a new server2server oauth app, same thing

8

@elisa.zoom , when you get a chance can you please share the ZSEE ticket for the other customer who experienced granular scopes disappearing?

9

Sure thing! @gianni.zoom here’s one of the internal tickets I created (ZSEE-143076)

1 Like
10

Hi, is there any update. I can also reproduce this error with your postman project

11

Hi @zoom-sessions I opened up a support ticket on your behalf as this behavior is similar to a few other customers recently. Can you please check your email to correspond with support there? Please let us know what the issue was.

Thank you!

12

It sounds like you’re encountering an issue with an invalid access token in your Zoom API integration. This error typically indicates that the token you’re using doesn’t have the necessary permissions (scopes) to access the specific features or data you’re trying to use, such as Granular Scopes for Zoom Sessions.

Check OAuth Scopes: Ensure that the token was generated with the correct OAuth scopes. You may need to request additional scopes related to Zoom Sessions.
Regenerate the Token: If you’ve modified the scopes in your app settings, regenerate the access token to reflect those changes.

13

Its sounds like this is the answer of and llm :frowning: - The required scopes " zoom_events_basic: read" are not granular scopes and it is not possible to select these in an new server2server oauth app

14

Hi @zoom-sessions , did you check your email to work with support?