"Invalid Token!" response when trying to refresh access token

API and Webhooks
1

Hi there. As of last Friday I have begun receiving errors when trying to hit the following endpoint to refresh our access token https: //zoom.us/oauth/token

I have done some looking around and I all the solutions I could find do not work in my case (https://devforum.zoom.us/t/zoom-api-refresh-token-not-working-reason-invalid-token-error-invalid-request/37089). This just begun happening Friday when I pushed no code changes from my side. I have successfully transitioned from the previous way of passing access/refresh tokens in the URL query params as defined in this post https: //devforum.zoom.us/t/security-update-no-token-values-in-url-query-parameters/78782/23.

The very first time I attempt to use the refresh token I just received it is erroring out with the following 400 response. Please advise. I will include the cURL snippets below.

{
    "reason": "Invalid Token!",
    "error": "invalid_grant"
}

https://zoom.us/oauth/token - attempting to retrieve the refresh token initially (returns access token and refresh token successfully) - Note: For this I have also tried passing in the grant_type, code, and redirect_uri in the body as prescribed by the Zoom docs, but the result stays the same.

curl --location --request POST 'https://zoom.us/oauth/token?grant_type=authorization_code&code={code}&redirect_uri={redirectUri}' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--header 'Authorization: Basic {creds} \

--header '_zm_ctaid={val}; _zm_mtk_guid={val}f; _zm_page_auth={val} \

https://zoom.us/oauth/token - attempting to use the refresh token I received from the above post (this errors out)

curl --location 'https://zoom.us/oauth/token' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--header 'Authorization: Basic {creds}'\

--header '_zm_ctaid={val}; _zm_mtk_guid={val}; _zm_page_auth={val} '\

--data-urlencode 'grant_type=refresh_token' \

--data-urlencode 'refresh_token={refreshToken}'
2

@MacallisterOwens,

Thank you for posting in the Zoom Developer Fourm – I am happy to help here. To begin is the behavior described reproducible? Have you tested getting a refresh token with a tool like Postman? I’ve done some testing on my end and I am not able to reproduce the described behavior.

3

I have opened a similar ticket a few days ago : Server to Server Oauth - #4 by elisa.zoom

4

@EVant ,

Thank you for chiming in and posting the ticket you opened. Based on the details you shared, it seems everything you are doing is correct and you should not be getting that 401 "Invalid access token " error. In order to understand what may be happening, can you submit a support ticket? This way support can take a closer look and diagnose what may be happening. You can submit a support request here :

5

I have confirmed that getting the refresh token with postman works (I receive the refresh and access token back), but when i try to refresh the access token I still receive the error. I previously had a ticket open and I was redirected here to the dev form. I can provide you with the full unaltered cURL of both calls privately if you wish, I can consistently reproduce this every time.

curl --location 'https://zoom.us/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {creds}' \
--header 'Cookie: {cookie}; _zm_chtaid={val}; _zm_ctaid={val}; _zm_mtk_guid={val}; _zm_page_auth={val}; _zm_ssid={val}; cred={val}' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code={code}' \
--data-urlencode 'redirect_uri={redirectURI}'

This returns:

{
    "access_token": "{accessToken}",
    "token_type": "bearer",
    "refresh_token": "{refreshToken}",
    "expires_in": 3599,
    "scope": "user:write:admin webinar:write:admin report:read:admin meeting:write:admin"

I then use the refresh token in the following call

curl --location 'https://zoom.us/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {creds}' \
--header 'Cookie: __cf_bm={val}; _zm_chtaid={val}; _zm_ctaid={val}; _zm_mtk_guid={val}; _zm_page_auth={val}; _zm_ssid={val}; cred={val}' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token={tokenFromPrevCall}'

which returns the following:

{
    "reason": "Invalid Token!",
    "error": "invalid_grant"
}
6

This topic was automatically closed 368 days after the last reply. New replies are no longer allowed.