Description
The access-token expires every hour so I need to use the refresh_token to get a new access_token, refresh_token pair. However I may not be using the latest refresh_token. But how can I know what the latest is? It may have been discarded. Seems like an unrecoverable position to be in! Any way to find out what the latest access-token and refresh_token is? Or even that in fact the refresh_token I’m using is not the latest.
Error
status 401
body {“reason”:“Invalid Token!”,“error”:“invalid_request”}
Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth
Additional context
The App Name is actually “Audience Republic Dev”. Just private developing and at the moment we just use one login: arep_engineering@audiencerepublic.com
Thank you for reaching out to the Zoom Developer Forum. Great question! When attempting to authorize with a refresh_token you can check for a 401 response. If you encounter a 401 response, you know that the current refresh_token is invalid.
When a refresh_token is invalid, you’ll want to re-authorize the app in order to obtain a valid access_token and continue with the request.
That being said, if you closely manage the storage of access_tokens and the relevant refresh_tokens such that your app is the only thing authorizing the users, you should be able to greatly minimize the number of times this happens.
I hope that helps! Let me know if you have any questions.
status 401
body {“reason”:“Invalid Token!”,“error”:“invalid_request”}
So my question is now how do I ‘re-authorize the app’? Do I need to talk to a person or a page on your web site? Is there documentation for how you ‘re-authorize the app’?
It says “This URL is the same as the Install Button link on the Zoom App Marketplace.” I realised that our front-end must be initiating this URL so I triggered our front end and looked in the logs for the access_token and refresh_token. I found them - and the access_token indeed works! So I now should have a valid refresh_token that will work in an hours time…
Just editing here. The expired access_token was detected and a new pair retrieved and saved to the database.