"Invalid api key or secret" error in Server-to-Server OAuth app

If I just change account to client before _credentials the query works fine:

$ curl -s -X POST -H ‘Authorization: Basic base64encodedidandsecret==’ ‘https://zoom.us/oauth/token?grant_type=client_credentials&account_id={accountID}’ | jq .
“access_token”: “reallylongtokenstring”,
“token_type”: “bearer”,
“expires_in”: 3600,
“scope”: “account:master account:read:admin group:master group:read:admin report:master report:read:admin role:read:admin user:master user:read:admin”

Right, have you rpelaced the “base64encodedidandsecret” for your actual encoded clientID and secret and the accountID with the accountID associated to your Server to Server app?

Interesting, Its working on my end

I built the base64encodedidandsecret by doing ‘echo “clientid:clientsecret” | base64’, with the two client fields filled in. I then pasted the result into the Authorization header parameter for curl. The same credential works fine for the client_credentials.

@elisa.zoom Could it be something in the account configuration? We were pretty much figuring it out from the web page and maybe missed something. Aside from going through and reading the instructions really carefully, do you have any ideas on what might cause this? By googling I found others with the same problem but unfortunately no posted solution.

No, Its quite interesting to me cause I have not been able to replicate this issue on my end.
I wrote this guide about a month ago, maybe it can help you troubleshoot the error:

Let me know if it helps!

@elisa.zoom, your guide for Postman is good. I just vaguely know how to use it and I set up the query pretty quickly. Unfortunately I get the same results. It works with client_credentials and does not work with account_credentials. The responses are the same as what I get with curl, so I won’t post them here.

Very very interesting @beirne
I am going to send you a DM so we can set up a call or exchange more details!

1 Like

After some debugging together, we figured it out @beirne !!!

Here are some steps to debug and fix this issue if you are getting the same error

  1. Make sure that you have the right permissions enabled in your account to be able to user the Server-to-Server OAuth app, you can do so in the Web Portal, by going to User Management > Roles > Role Settings > Advanced features (this can only be done by an Administrator or the Owner of the account)

  1. Make sure that your application is a Server-to-Server OAuth app in the Marketplace (here is a link to our Docs: Create a Server-to-Server OAuth App)

  1. Last but not least, every time you make any changes to your app (like adding scopes or features) make sure to activate the app in your account.

Hope this helps!

Thank you @elisa.zoom ! This solved a big mystery and got it working. I appreciate your help and the instructions.

1 Like

Thank You so much for sharing.

1 Like

Thank You so much for the valuable information. Much appreciated.

1 Like

I have been working on a Laravel project that provides online education to students. I wanted to use Zoom services of video conferencing so that the teacher can connect with their students through video conference. Following the API reference documentation, I have registered an app with Zoom. I got an API key and API secret along with an access token by following the documentation.

I am sending subsequent requests to post/fetch data from Zoom, but I have been getting an error message

Hey @ahsanali1821142
Feel free to open up a new Topic since this one is closed :slight_smile:

I have tried this serveral times, and keeps saying invalid acess token, does not scopes.

@jim I have sent you a private message and also replied to you in the other thread

I’m getting the same unsupported_grant_type error trying to get the account_credentials access token, but the solution here isn’t working. There’s no button labelled Role Settings under User Management > Roles, and if you meant that the role settings for one of the roles needs to be changed, uh, which role? We have three roles that have settings pages that look like the screenshot, but we tried turning it on for all of them, and it’s still failing.

The app is definitely server-to-server oauth, and I tried deactivating and reactivating it, but that didn’t help either.

Hey @kyle.kinney
Can you please share the request URL that you are sending when requesting an access token so I can take a look into it and troubleshoot the issue

All right, I knew it was going to be either something really stupid or something really arcane, and it turns out it was the first one. I went to double check the URL, and noticed that I was building the form arguments but not adding them to the request properly, which apparently results in the same error message. I have it working now.

Happy to hear you were able to fix this! @kyle.kinney
Feel free to reach out back to us in the future :slight_smile: