Issue With Downloading Recording Transcripts From tenant-specific Zoom Endpoint

ukoppu · June 5, 2024, 3:25pm

API Endpoint(s) and/or Zoom API Event(s)
[Get recordings] https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#operation/recordingGet

Description
We’ve encountered an issue while attempting to download transcripts from a recording via the tenant-specific Zoom endpoint. While the calls to

api.zoom.us are successful, we’re experiencing failures specifically with the tenant-specific URL for downloading recording transcripts, such as:

Download URL: Tenant-specific url from the Get recordings api - https://xyz.zoom.us/rec/download/<id>

Proper authorization header (with proper scopes - recording:read) is also passed in the request which works for the API calls through api.zoom.us

The download url above is received from API endpoint defined above.

Error?
Here’s a summary of the error we’re encountering:

Received response:
StatusCode: 403
Response Body:

<?xml version=\"1.0\" encoding=\"UTF-8\"?><Error><Code>AccessDenied</Code><Message>Access denied</Message></Error>

Response headers:

{
  'Via': '1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront)',
  'Connection': 'keep-alive',
  'Date': 'Mon, 13 May 2024 23:07:11 GMT',
  'X-Amz-Cf-Pop': 'SEA19-C3',
  'Content-Type': 'text/xml',
  'Server': 'CloudFront',
  'X-Amz-Cf-Id': '1euWRAaICiztbrG07oD0VKNNIy1eeKmdKu9SuA0c437zRXVfnkfNWg==',
  'X-Cache': 'Error from cloudfront',
  'Content-Length': '110'
}

How To Reproduce
Steps to reproduce the behavior:

Call user recordings api to get the recordings from a specific period
https://api.zoom.us/v2/users/me/recordings?from=1970-01-01&page_size=300&to=2024-05-14
Use the download url for the transcript received from the above call and make another call to download the transcript while passing a proper authorization header.
Authentication method - OAuth2 against a Zoom app

Do we need to whitelist any IPs on the tenant-specific Zoom configuration? We are only seeing this happening in the application code but not while invoking the same download url through a light-weight rest client e.g. Curl.

Any help is very appreciated. Thanks.

gianni.zoom · June 7, 2024, 1:10pm

Hi @ukoppu , have you tried using the download_access_token supplied in the response with the url and experienced different behavior?

ukoppu · June 7, 2024, 5:51pm

Hello,
I don’t think the download token exists in the https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#operation/recordingsList response.
We are passing in the user authorization token when downloading the transcript which should be sufficient based on the documentation for the above api. Is there anything that we need to whitelist on the tenant side as I mentioned a similar call works when trying through Postman or any other rest client with proper auth header.

Thanks.

gianni.zoom · June 12, 2024, 2:27pm

Hi @ukoppu , this is true, but the download_access_token is supplied in the original endpoint you referenced in your first message. You should be able to use either the download_access_token or the user’s OAuth access token so I would like to if that one works for you at least in the interim. Please confirm the behavior for me.

When using the OAuth token, you are sending a request like curl -H 'Authorization: Bearer <ACCESS_TOKEN>' https://{{base-domain}}/rec/archive/download/xyz?

ukoppu · June 12, 2024, 9:41pm

Hello, yeah we are actually calling user recordings from the endpoint below that are specific to a user and we are passing the user’s oauth token as part of the request as you defined.
The /users/me/recordings endpoint doesn’t provide a download_access_token
https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#operation/recordingsList

gianni.zoom · June 13, 2024, 3:23am

Hi @ukoppu , thanks for confirming your process. I am going to private message you for the following info so I can investigate further:

name and production client id of your app
dev email associated with credentials making API request
full curl request & response

Message will be in your notifications.

gianni.zoom · July 15, 2024, 3:23pm

Hi @ukoppu , created a support ticket (TS1334642) – please check the email you provided to me so you can respond in the thread with support staff.

gianni.zoom · July 23, 2024, 8:00pm

From support: Upon investigation, there is nothing that would block the traffic on the Zoom side. If that were the case, we would see the same result when executing through Postman or Curl which developer has confirmed works fine. Developer is encouraged to review application code.

system · July 24, 2024, 8:00pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Topic		Replies	Views
403 Forbidden Error from CloudFront when trying to download a recording Meetings	4	48	August 9, 2024
Recording download URL from API via webhook returns Error API and Webhooks	4	655	August 21, 2020
Cannot download some recording using API Cloud Recordings	2	453	January 11, 2024
BUG downloading recordings transcripts with access token. Error message: {"status":false,"errorCode":300,"errorMessage":"Forbidden"} API and Webhooks	2	525	January 28, 2021
Downloading cloud recordings with access_token fails for specific end users Cloud Recordings	5	324	June 28, 2024

Issue With Downloading Recording Transcripts From tenant-specific Zoom Endpoint

Related Topics