We are calling this endpoint when we receive a participant joined callback and the participant’s access token is expired: https://zoom.us/oauth/token?grant_type=refresh_token&refresh_token={insertTokenHere}
For only 2 of our users (out of hundreds of users), something seems to have gone wrong in the refresh process.
The users requested refresh as usual, and logs show that the refresh went through fine, and the token was stored. Looking at the refresh token also shows that its “exp” and “nbf” are reasonable. Furthermore, the users do not seem to have ever deauthorized our app.
I think the only way forward for these two users will be to contact them and ask them to re-install (correct me if I’m wrong).
My main concern, however, is that this happen to other users as well, which is why I’d like your help to determine the cause.
Hi, I am developing an app when the user can’t reauthorize every time but it seems that my refresh token is always invalid when I try to get a new access token. I have tested the client id and it is valid. I have tried it for the past few days but it never seems to work. What is the solution?
Same exact problem. I get the token and refresh. Tested my refresh functionality, and it seems to work the first time. Wait later, and run it again and get Invalid Token! message.
@tommy
Hi we’re seeing the same issue. We’re using a POST request and saving our latest refresh token every time we obtain a new access token. Would you be able to help me out? Thanks!
@tommy We’re having a very similar issue. It seems like the Refresh Token is never any good. Here’s our scenario.
Do Auth to get an Access Token and a Refresh Token for user-level app and save to our database.
Then either wait more than one hour or corrupt the AT in our DB so we no longer our a valid AT.
Make a call to try to book a meeting using the AT, we get a 401 error. (expected.)
Make a call to refresh the tokens passing the RT. We get a 401 error saying the token is invalid. (not expected and has worked in the past.)
One common reason this can happen is if a user Zoom OAuths with your app on a different device. If that happens, the original set of OAuth tokens will no longer be valid since Zoom only supports one valid refresh and access token at a time for a user.
Yes @tommy still getting a error:
Client error: POST https://zoom.us/oauth/token resulted in a 401 Unauthorized response: {“reason”:“Invalid Token!”,“error”:“invalid_request”}
Im using this app in my local machine and not using different devices…
@tommy
I can register with the first auth token but the refresh token is always invalid.
The webinar ID is 91308815810. Is it some configuration error on the Oauth app?
Yes @tommy, here is what I got,
I’m working with a Licensed account to manage Webinars.
So I have a test Webinar created and the idea is to make a form for Registrant Webinars.
I created a Oauth App in: marketplace.zoom.us.
In my local machine I Login to zoom with my Licensed account and everything works well registering user with a form created,
where I always use the access_token unless the response gives me a 401 error,
if that happens I try to request the “Refreshing an Access Token” like is documented, and that is where I’m stuck, is always given me the “Invalid Token” error.
For the “Refreshing an Access Token” request
Hope this helps someone, basically the problem is the refreshtoken is updated everytime a new access token is called. So you need to update both on your end. Access Token AND refresh token. Otherwise you will get refresh token invalid if you use the original refresh token.