Invalid Client_id:[my_client_id]

API and Webhooks Authentication
1

API Endpoint(s) and/or Zoom API Event(s)

[type or paste code here](https://developers.zoom.us/docs/internal-apps/s2s-oauth/#to-generate-an-access-token)

Description
I am trying to generate a new token using the token generator api, and i receive the invalid client_id or client_secret. This is as min funny because yesterday it worked and just failed today.

Error?

{
“reason”: “Invalid client_id or client_secret”,
“error”: “invalid_client”
}
How To Reproduce

  1. We are using the api url : “https://zoom.us/oauth/token?grant_type=account_credentials&account_id=[my_account_id]

  2. Define de headers:
    Content-Type: application/x-www-form-urlencoded
    Authorization: Basic [base64([client_id]:[client_secret])

  3. POST in postman

  4. Error
    {
    “reason”: “Invalid client_id or client_secret”,
    “error”: “invalid_client”
    }

2

Can you share the source code for how you’re generating the query string / headers and sending the request? For example, I’m curious how you’re Base64 encoding the Client ID and Client Secret, as there are a few flavors.

3

Christopher thanks for answer asap.

Here you have the script that we used.

curl --location --request POST ‘https://zoom.us/oauth/token?grant_type=account_credentials&account_id=DEwew-23Fefefewe_efw3E’ \

–header ‘Content-Type: application/x-www-form-urlencoded’ \

–header ‘Authorization: Basic ZHdEd2VmZXdlZmVld2VmZHdERWplZmpROmRmZURld2VmZWZ3ZWZ3ZWZ3ZWNERkVGZXcxMzEzREY=’ \

Its super funny because yesterday it worked fine, I even used the token for create webinars and register registrants in those webinars, but now just stop to work.

4

Try regenerating your Client Secret and recomputing the Authorization header value. You should do this anyway as you’ve posted it in this public forum. I received the same error from trying your request details.

I sent the following raw request by using my Server-To-Server OAuth credentials and populating the Authorization header value by having JavaScript in a web browser execute: btoa("[Client ID]" + ":" + "[Client Secret]")

POST /oauth/token HTTP/1.1
Host: zoom.us
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Authorization: Basic [redacted]
Content-Length: 64

grant_type=account_credentials&account_id=[redacted]

Technically the access token generation instructions say to refrain from using a query string (which tends to end up in log files) and place its content in the request body, like in my example, but Zoom also accepted the query string variation without a request body. Note that the instructions are misleading in that the example body in step 3 isn’t actually formatted as application/x-www-form-urlencoded.

5

Thanks for your answer.

I tried to regenerate the secret and it was not possible, i received the error: failed_to_regenerate_secret.

As i said, it was working yesterday, then i created a new app, and this one works perfectly. Then i suppose is not my postman configuration, but i will try to generete a new token tomorrow and verify that is not a limitation or misconfiguration of my zoom app or account.

I found a thread with the same problem, and it also doesn’t have any solution.

But is a bit crazy that de last app was working fine yesterday and now is just broken.