Invalid access token when trying to call the REST API

API and Webhooks
1

I implemented the API call to create a Webinar. I’m using this code snippet to generate the JWT:

import { NextRequest, NextResponse } from "next/server";
import { KJUR } from "jsrsasign";

export async function POST(req: NextRequest) {
  const { userId, data } = await req.json();

  const apiKey = process.env.NEXT_PUBLIC_ZOOM_MEETING_SDK_KEY_ADMIN;
  const apiSecret = process.env.ZOOM_MEETING_SDK_SECRET_ADMIN;
  if (!apiKey || !apiSecret) {
    return NextResponse.json(
      { error: "Zoom API Key/Secret não configurados." },
      { status: 500 }
    );
  }

  const iat = Math.floor(Date.now() / 1000);
  const exp = iat + 60 * 5;
  const header = { alg: "HS256", typ: "JWT" };
  const payload = { iss: apiKey, exp };
  const jwt = KJUR.jws.JWS.sign(
    "HS256",
    JSON.stringify(header),
    JSON.stringify(payload),
    apiSecret
  );

  const zoomResp = await fetch(
    `https://api.zoom.us/v2/users/${userId}/webinars`,
    {
      method: "POST",
      headers: {
        Authorization: `Bearer ${jwt}`,
        "Content-Type": "application/json",
      },
      body: JSON.stringify(data),
    }
  );

  const result = await zoomResp.json();
  return NextResponse.json(result, { status: zoomResp.status });
}

The body I’m sending in the request is this:

{
    "userId": "lxpeadservices@gmail.com",
    "data": {
        "topic": "Webinar Teste Yan",
        "settings": {
            "question_and_answer": {
                "enable": true
            }
        }
    }
}

The JWT is successfully created, but when I send the API call, this error is returned:
{"code":124,"message":"Invalid access token."}

I’m using an account that has webinar access and permissions. I also created an Admin-managed app in the marketplace with webinar scopes and all users enabled.
App ID: JVFLSJtaTKiJdxhnisRfQw

The credentials I am using to generate the JWT are the Client ID and Client Secret provided in the app.

Captura de tela 2025-07-17 201504
Captura de tela 2025-07-17 201504746×464 31.1 KB

1 Like
2

Hi @dev_lxpead
Thanks for reaching out to us and welcome to the Zoom Developer forum.
The issue you are seeing is expected, JWT tokens are no longer supported for accessing the REST API.
To generate an access token to call the Zoom API, you have two options.:

  1. Using a Server to Server Oauth app, that allows you to generate access token without having to authorize an app on your end
  1. General oauth app, this requires user authorization on yor end to generate an access token.

Let me know if this helps!

1 Like
3

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.