Invalid S2S Access Token

abhishekkumar · May 20, 2023, 2:56am

API Endpoint(s) and/or Zoom API Event(s)
Link the API endpoint(s) and/orZoom API Event(s) you’re working with to help give context.

Description
On creating S2S Access Token for the first time, I am getting Invalid Access Token while adding hosts, but when I regenrated the token it worked correctly. This is happening more than once now. How do I resolve this?

Error?
Invalid Access Token

How To Reproduce
Steps to reproduce the behavior:
*1. Add credentials for creating S2S Access TOken
*2. Generate the token
*3. Sometimes I’m getting Invalid Access Token

elisa.zoom · May 22, 2023, 1:16pm

Hi @abhishekkumar
Thanks for reaching out to us!
Could you please make sure that you are not generating more than 1 token at a time?
With server to server Oauth tokens, you can only have 1 active token, so if you generate a new token, the previous one will be invalidated.
This could be causing the invalid access token error you are seeing.

abhishekkumar · May 22, 2023, 1:30pm

@elisa.zoom It happened for a new token i generated, the token was working fine after regenerating again. I faced it more than once.

elisa.zoom · May 22, 2023, 3:48pm

Hey @abhishekkumar
Is this still happening today?
Whenever this happens again, could you please save the access token and the request you sent and share them with me? You can ping me here and once you have that information I will send you a Direct Message and that way you will be able to send that token privately

abhishekkumar · May 23, 2023, 7:06am

zoom token -

The token was generated just now and when we are trying to add an user we can getting Invalid access token. The next time when we are regenerating access token it’s working when we regenerated it.

on decoding the token:

{
  "aud": "https://oauth.zoom.us",
  "uid": "2
  "ver": 9,
  "nbf": 1684824624,
  "code": "7
  "iss": "z
  "gno": 0,
  "exp": 1684828224,
  "type": 3,
  "iat": 1684824624,
  "aid": "rfNk
}

can we check this ?

elisa.zoom · May 23, 2023, 8:46pm

I will send you a private message to follow up @abhishekkumar

lloyd.weber · May 26, 2023, 3:11pm

I have a similar question: We are seeing an HTTP 400 “Bad Request” response from some of our Zoom API calls. The body message is “Invalid access token.”

elisa.zoom · May 31, 2023, 7:51pm

Hi @lloyd.weber
Make sure that your access_tokens are valid.
With the server to server oauth app, when you generate a new token, the previous one gets invalidated

lloyd.weber · May 31, 2023, 8:17pm

Hi Elisa, thanks for your response. I do take care to replace the old access token when we generate a new one. I have some details about the error we are seeing, I wonder if you would be able to use the tracking code below to determine the cause of the error?

We are seeing an HTTP 400 “Bad Request” response from some of our Zoom API calls. The body message is “Invalid access token.” We have seen this both in a production account and QA accounts. It does not happen every time.

This result is from a query to get a phone user profile, e.g. GET “accounts/{accountId}/phone/users/{userId}”. The log info, from an example using a production account, is below. Some relevant data from the log:

Account Id = Tm8NBVszRdmL-A1s52mOOA
User Id = 9VftMZP-ToOg9idf6ypWYw
Query: GET: URL=https://api.zoom.us/v2/accounts/Tm8NBVszRdmL-A1s52mOOA/phone/users/9VftMZP-ToOg9idf6ypWYw
Tracking Id: WEB_29b99fb5a701472abb7a42270b57db86

2023-05-23 00:33:39,652 ERROR ZOOM-3661-group-Tm8NBVszRdmL-A1s52mOOA-collector (txnid=2ymr17edlhzjmeax,appid=100):RestServiceUnirestImpl Throwing exception for response: HTTP Status=400, Status Text=Bad Request, Headers={date=[Tue, 23 May 2023 00:33:39 GMT], content-length=[46], server=[cloudflare], x-zm-region=[VA], cf-ray=[7cb9356e5bd48cc6-EWR], vary=[Origin, Access-Control-Request-Method, Access-Control-Request-Headers], x-frame-options=[deny], cf-cache-status=[DYNAMIC], strict-transport-security=[max-age=31536000; includeSubDomains], nel=[{“success_fraction”:0.01,“report_to”:“cf-nel”,“max_age”:604800}], content-type=[application/json], connection=[keep-alive], report-to=[{“endpoints”:[{“url”:“https://a.nel.cloudflare.com/report/v3?s=omkdLkR5hsepknNqI6kJ5kAf40aUmbSD2TvzkBZfhOm%2Frr3Fb1j4IklP%2FgEv1P8W114slOwiqGWl7a9qMTsXmKFnm6fkoQ6w1C9goc5aJKurpHCF5Hu5EKxPqaX5”}],“group”:“cf-nel”,“max_age”:604800}], x-zm-trackingid=[WEB_29b99fb5a701472abb7a42270b57db86], alt-svc=[h3=“:443”; ma=86400, h3-29=“:443”; ma=86400]}, Body={“code”:401,“message”:“Invalid access token.”}, Request=Executing GET: URL=https://api.zoom.us/v2/accounts/Tm8NBVszRdmL-A1s52mOOA/phone/users/9VftMZP-ToOg9idf6ypWYw, Headers={authorization=[Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJZeGxuYlhmM1R0UzJpV3o0djNHeXJnIiwiZXhwIjoxNjg0ODA1NjE5fQ.jKNunzbc6eZX0cXynF_7ViOpJAOT5jZRfJBcaiK0P4Q], accept-encoding=[gzip], accept=[application/json], user-agent=[unirest-java/3.1.00]}, Body=none

Thank you,

elisa.zoom · June 7, 2023, 1:48pm

Hi @lloyd.weber
Sorry for the late reply here
I have created an internal ticket with our Engineering team and will update you as soon as I hear back from them (ZSEE-95349 for your reference)
Cheers,
Elisa

Topic		Replies	Views
Invalid access token in Server-Server OAuth API and Webhooks api , s2s-oauth	11	1082	July 17, 2023
Server-to-Server OAuth (invalid_client) API and Webhooks api , s2s-oauth	6	472	September 22, 2023
Code: 124 Invalid Access Token in S2S OAuth API and Webhooks api , s2s-oauth	3	253	October 18, 2023
S2S OAuth Token invalid before 3600 seconds are over Meetings	6	689	October 28, 2022
Previous Oauth Token is no more working Users and Groups api , server-to-server , s2s-oauth	5	771	April 20, 2023

Invalid S2S Access Token

Related Topics