Server returned HTTP response code: 400

Using this template helps us debug your issues more effectively :slight_smile:

I have the apiKey and secret for a “user-managed OAuth2 app” and the permission “scope meeting:read” “meeting:write” and “user:read”.
With this I can generate a token.
However, for all the following actions I get the HTTP response code: 400
e.g.: Server returned HTTP response code: 400 for URL:

Error Server returned HTTP response code: 400 for URL:

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?

How To Reproduce (If applicable)
public static String getZoomUserInfo(String zoomApiKey, String zoomApiSecret) throws OAuthSystemException, OAuthProblemException, IOException {
String getUrl = “”;
URL url = new URL(getUrl);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
//con.setRequestProperty(“Content-Type”, “application/json”);
con.setRequestProperty(“Authorization”, "Bearer " + OAuthTools.getZoomOAuthToken(zoomApiKey, zoomApiSecret));
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer content = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
return content.toString();

public static final String TOKEN_REQUEST_URL = "";
   public static String getZoomOAuthToken(String clientID, String clientSecret) throws OAuthSystemException, OAuthProblemException {

	   OAuthClient client = new OAuthClient(new URLConnectionClient());

        OAuthClientRequest request =
        OAuthJSONAccessTokenResponse oAUthResponse = client.accessToken(request, OAuthJSONAccessTokenResponse.class);
        if (oAUthResponse != null) {
        String token = oAUthResponse.getAccessToken();

		return token;

Hey @fritz.tester,

Thank you for reaching out to the Zoom Developer Forum. Are you able to share the response body you’re seeing with the 400 status code?


Hey Max,

thanks for answering.
The respose returns the following as an error stream, even though these credentials were used to generate the token previously:
REsponseCode 400
{“code”:200,“message”:“Invalid api key or secret.”}

Since I also have a long-lived token, I alternatively tried to get a refresh token. However, this already returns response code 400 when requesting the token.

TokenRequestBuilder builder = OAuthClientRequest
builder = builder.setRefreshToken(refreshToken);
OAuthClientRequest request = builder.buildQueryMessage();
request.addHeader(“Accept”, “application/json”);
request.addHeader(“Content-Type”, “application/json”);
// request.addHeader(“Content-Type”, “application/x-www-form-urlencoded”);
OAuthClient oauthClient = new OAuthClient(new URLConnectionClient());

OAuthJSONAccessTokenResponse oAUthResponse = oauthClient.accessToken(request, OAuthJSONAccessTokenResponse.class);

Am grateful for any help.

I have solved the problem.
The correct gant_type for me was refresh_token.
The problem was that the refresh_token can only be used once.
With the access_token you get a new refresh_token that you have to use for the next access_token.

1 Like

Happy to hear you got the issue sorted out @fritz.tester ! :slight_smile:

Let us know if we can help with anything else.