"Invalid Token!" error message when trying to refresh oauth token

I have the same problem.

Hi @tommy

Any update regarding this issue ?

Hey @picktime, @devdev, @basil, @shivam, @jk1,

@laimonas issue was the tokens were revoked, hence they cannot be refreshed.

Double check if you revoked the users token. If your issue is different, please provide your request details and steps to reproduce the issue.

Thanks,
Tommy

Hi @tommy,

Is there a way we can connect over Zoom. I can screen share and show you our logs, so you can test and check what’s going wrong and why the latest refresh token is showing as revoked without being revoked by our app or the user?

@tommy we don’t call revoke anywhere in our implementation. How does the token get revoked? Can you tell in the logs who/how it was revoked? That sounds suspicious to me. We have had this happen to some of our internal users so we get better feedback than public users, and they said they did not do anything special with their zoom accounts that they could remember.

Our implementation does not call revoke.

Joining the party We are getting the same error.
And, yes we have looked into everything discussed on this thread so far.

I had this happen with JWT, the token wasn’t associated correctly in the Marketplace App.

Hey @picktime,

I have sent you a private message.

Thanks,
Tommy

Hey @mark.mayer,

Were you able to resolve the issue?

Thanks,
Tommy

Hey @hima,

Please private message me one of your expired access tokens so I can debug.

Thanks,
Tommy

Hey @laimonas,

Please see my private message.

Thanks,
Tommy

Hello,

I’m experiencing the same issue but i’m not sure if that suppose to be the standard behavior or not. My worflow is as follow:

• user1 connect its zoom account to our app
• user2 connect the zoom account use by user1 to our app (both get different access token and refresh token)
• user2 revoke its access token
• user1 cannot use and cannot refresh its access token anymore. “Invalid token” are thrown even if he does not use the revocated token.

Can users share the same account ?

Thanks,

Yes, this issue is resolved. Thanks for reaching out.

@tommy Getting the same error. Have looked into everything in this thread.

api call to get new refresh_token works if made right after initial access_token generation, but it appears that after some time it’s becoming invalid (perhaps at the same time that the access_token is expiring).

Happy to hear you got it working @mark.mayer

-Tommy

Hey @beek,

Can you clarify this step? I am confused.

Thanks,
Tommy

Hey @neecholai,

Make sure you are always using the newest refresh_token that is returned with every refresh request.

Thanks,
Tommy

Hey @tommy

We appreciate you helping us fix the issue. Now it works. Thanks.

Happy to help @picktime!

In case this can help others, Picktime’s issue was an empty space in the authorize url between the client_id and redirect_url query param:

https://zoom.us/oauth/authorize?response_type=code&client_id={client_id} &redirect_uri={redirect_url}

-Tommy

@tommy Yep! using the newest refresh token.

I tested with Insomnia as well for my requests.

1. Successfully created access token / refresh_token
2. 2 minutes later => successfully refreshed token
3. 8 hours later => Copy/pasted returned refresh token from step 2 and attempted another refresh. Received Invalid Token error described above

I haven’t published my app yet, could that be the issue?
My calls are working to refresh the token if they’re made recently after initial access token creation, but not later.