"Invalid api key or secret" error in Server-to-Server OAuth app

I’m trying to use curl to run an activity report. I can get the token from Zoom but when I try to use it I get the error "Invalid api key or secret". I’m doing this with a Server-to-Server OAuth setup since this will eventually run in the background on a server. How do I get past the error?

Here’s the sanitized version of how I get the token. The instructions for Server-to-Server OAuth say to use “account_credentials” for the grant_type but that fails with “unsupported grant type”.

$ curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Basic base64encodedidandsecret==' 'https://zoom.us/oauth/token?grant_type=client_credentials&account_id=myaccountid' 2>/dev/null| jq .
{
  "access_token": "reallongaccesstoken",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "account:master account:read:admin group:master group:read:admin report:master report:read:admin role:read:admin user:master user:read:admin"
}

When I then try to use the token I get the error:

$ curl -H 'Accept: application/json' -H 'Authorization: Bearer reallongaccesstoken' 'https://api.zoom.us/v2/report/activities'
{"code":200,"message":"Invalid api key or secret."}

Hi @beirne
Hope you are doing great?
It looks like you are passing the wrong grant_type in your URL; it should be account_credentials, and you are passing client_credentials.

Could you please double check that and confirm if that fixes the issue?

Thanks @elisa.zoom, I had tried account_credentials first but it did not work. Here’s what I get back from it:

$ curl -s -X POST -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Basic base64encodedidandsecret==' 'https://zoom.us/oauth/token?grant_type=account_credentials&account_id=myaccountid' | jq .
{
  "reason": "unsupported grant type",
  "error": "unsupported_grant_type"
}

Hey @beirne
What endpoint are you trying to call?

Hi @elisa.zoom
If I understand endpoint correctly, it’s https://api.zoom.us/v2/report/activities, as I showed in the second example in my original post.

Could you try something like this:
curl -s -X POST -H 'Authorization: Basic {clientId:clientSecret encoded}' 'https://zoom.us/oauth/token?grant_type=account_credentials&account_id={accountID}'

If I just change account to client before _credentials the query works fine:

$ curl -s -X POST -H 'Authorization: Basic base64encodedidandsecret==' 'https://zoom.us/oauth/token?grant_type=client_credentials&account_id={accountID}' | jq .
{
  "access_token": "reallylongtokenstring",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "account:master account:read:admin group:master group:read:admin report:master report:read:admin role:read:admin user:master user:read:admin"
}

Right, have you replaced the “base64encodedidandsecret” with your actual encoded clientID and secret, and the accountID with the accountID associated with your Server-to-Server app?

Interesting, it’s working on my end.

I built the base64encodedidandsecret by doing ‘echo “clientid:clientsecret” | base64’, with the two client fields filled in. I then pasted the result into the Authorization header parameter for curl. The same credential works fine for the client_credentials.

@elisa.zoom Could it be something in the account configuration? We were pretty much figuring it out from the web page and maybe missed something. Aside from going through and reading the instructions really carefully, do you have any ideas on what might cause this? By googling I found others with the same problem but unfortunately no posted solution.

No, it’s quite interesting to me because I have not been able to replicate this issue on my end.
I wrote this guide about a month ago, maybe it can help you troubleshoot the error:

Let me know if it helps!

@elisa.zoom, your guide for Postman is good. I just vaguely know how to use it and I set up the query pretty quickly. Unfortunately I get the same results. It works with client_credentials and does not work with account_credentials. The responses are the same as what I get with curl, so I won’t post them here.

Very very interesting @beirne
I am going to send you a DM so we can set up a call or exchange more details!

After some debugging together, we figured it out @beirne !!!

Here are some steps to debug and fix this issue if you are getting the same error:

  1. Make sure that you have the right permissions enabled in your account to be able to use the Server-to-Server OAuth app. You can do so in the Web Portal by going to User Management > Roles > Role Settings > Advanced features (this can only be done by an Administrator or the Owner of the account).

  2. Make sure that your application is a Server-to-Server OAuth app in the Marketplace (here is a link to our Docs: Create a Server-to-Server OAuth App).

  3. Last but not least, every time you make any changes to your app (like adding scopes or features), make sure to activate the app in your account.

Hope this helps!
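
The token request from this thread with the account_credentials grant, as an added example that is not part of any post: it builds the Basic credential with printf (echo would append a newline that gets encoded too), hands the header to curl on stdin so the secret stays out of the argument list, and maps the replies quoted in this thread to the next check. The ZOOM_* variable names, the ZOOM_RUN switch and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Env var names below are assumptions.

# Base64 of "id:secret". printf emits no trailing newline (echo would, and the
# newline would be encoded into the credential); tr strips base64 line wrapping.
basic_credential() {
  printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Map a JSON reply to the next check, using only the replies shown in this thread.
triage_response() {
  case "$1" in
    *'"access_token"'*)
      echo "token-issued" ;;
    *'"unsupported_grant_type"'*)
      # The three fixes from the thread: role permission, app type, activation.
      echo "check-role-permission,app-type,activation" ;;
    *'Invalid api key or secret'*)
      # In the thread this came back for a token issued via client_credentials.
      echo "token-not-from-account_credentials" ;;
    *)
      echo "unrecognized" ;;
  esac
}

# Request a token (needs network). The header goes to curl through a config
# read from stdin (-K -), so the secret never appears in curl's argument list.
request_token() {
  cred=$(basic_credential "$ZOOM_CLIENT_ID" "$ZOOM_CLIENT_SECRET")
  printf 'header = "Authorization: Basic %s"\n' "$cred" |
    curl -s -X POST -K - \
      "https://zoom.us/oauth/token?grant_type=account_credentials&account_id=${ZOOM_ACCOUNT_ID}"
}

# Run only when asked, e.g.: ZOOM_RUN=1 sh token.sh
if [ "${ZOOM_RUN:-0}" = 1 ]; then
  reply=$(request_token)
  triage_response "$reply"
fi
```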

Thank you @elisa.zoom ! This solved a big mystery and got it working. I appreciate your help and the instructions.

Thank You so much for sharing.

Thank You so much for the valuable information. Much appreciated.

I have been working on a Laravel project that provides online education to students. I wanted to use Zoom services of video conferencing so that the teacher can connect with their students through video conference. Following the API reference documentation, I have registered an app with Zoom. I got an API key and API secret along with an access token by following the documentation.

I am sending subsequent requests to post/fetch data from Zoom, but I have been getting an error message

Hey @ahsanali1821142
Feel free to open up a new Topic since this one is closed 🙂