And when I follow the redirect, it says Invalid Token. Looking at the host I found the primary endpoint is this us04file.zoom.us. Is it some issue? Or has the host for file upload API been changed?
@Ns19 I think I have a pretty good idea what the problem is because I have experienced it myself some time ago. I wasn’t using curl, but the underlying problem was the same: the bearer token is omitted when a HTTP request is redirected. Let me try to explain:
Most modern HTTP clients have a built-in security feature that prevents authentication information such as username+password or a bearer token to be be included when following a HTTP 307 Temporary redirect. This is done to avoid leaking authentication information to a web site that may be different than the site where you sent your original request.
In the case of uploading a file to the Zoom API using curl, the sequence of events is something like this:
Zoom responds with HTTP 307 Location https://us04file.zoom.us/v2/blablabla
curl follows the redirect but, for security reasons, omits the bearer token
Zoom throws an exception because there is no bearer token associated with the request
To be clear: this situation is intentional on the part of curl in order to avoid leaking sensitive information and also this situation is not specific to curl. For instance, I personally experienced this problem with Microsoft’s HTTP client for .NET as I described here. I don’t know for a fact but I’m pretty sure the HTTP client in most modern languages such as Java, Python, etc. behave the same way.