JWT integration - 401 Unauthorized response code":124,"message":"Invalid access token

Hello. I’m trying to set up a simple API Integration to be able to fetch statistics over meetings.

Since I’m doing this from another system, I’m using the JWT approach. But for some reason, the generated token can’t be used. I have no intention of publishing my app. Since this is just so I can automatically fetch the report data from this endpoint. So I can read, minutes in conference calls, and number of meetings from each user.

This is the error code I get when I run my code.
{"code":124,"message":"Invalid access token."}

I use PHP and here is the code I use to fetch the token.

use Firebase\JWT\JWT;

public function getToken() {
  $key = '{MyKey}';
  $secret = '{MySecret}';
  $token = array(
    "iss" => $key,
    "exp" => time() + 60
  return JWT::encode($token, $secret);

I then have a function to fetch the userdata like this.

public function getUserData($from, $to) {
	$token = $this->getToken();
	$url = "https://api.zoom.us/v2/report/users?from={$from}&page_number=1&page_size=30&to={$to}&type=active";
	$client = new Client();
    try {
      $response = $client->request('GET', $url, [
        'headers' => [
	      'Authorization' => 'Bearer ' . $token,
	      'Accept'     => 'application/json',
    } catch (ClientException $e) {
      $response = $e->getResponse();
      $responseBodyAsString = $response->getBody()->getContents();
       return response(['success' => false, 'message' => $responseBodyAsString], 404);
    return json_decode($response->getBody());

I don’t know if there is something I need to do in my App settings to make this work.
So how do I make this work?


Are you able to run the cURL command in your terminal or Postman?

If yes, can you please send the cURL command?

I solved this. I had the wrong app settings so created a new app with this settings. Now it works.

I am also facing the same problem as Edvard (not sure if it makes sense to start a new thread). I’m using JavaScript and just verified that I’m able to call upon the meetings of an individual but when I try to get the registrants endpoint or the past_meeting registrants with the UUID i encounter the “code”: 124, “message”: “Invalid access token.” error. I’m using Postman to verify that I can move ahead and implement into my code but having no luck. Like, Edvard I checked and found that my app has also been configured as an Account-level app and i created a JWT token from the ’ App Credentials’ tab after filling in my api key and secret. Assitance on what steps to take next would be greatly appreciated!

Hi @alex2,

What is your app name/ID? Usually an “invalid access token” means that something is wrong with your JWT access token. How are you generating your JWT token. Also, can you post the full request payload as well?

1 Like

Hi Michael,

Sure, see a screenshot below. The first step was for me to fetch the meetingId (this I had no issues with). The second step (see screenshot) is me attempting to use the meetingId in Postman but returning the “code”: 124, “message”: “Invalid access token.” error.

The app name is ‘Affinity JWT App’. Unsure where I can find the ID. As mentioned previously, I’m generating the JWT token from the app where I click ‘View JWT Token’ after inputting my api key & secret into the UI. Hope that gives you a bit more clarity. Let me know if I can address anything else!
Thank you!

Hi @alex2,

  1. Can you logout and log back into marketplace, then try to copy & paste the sample JWT token as see if that works? Also, keep not of the expiration time of the JWT token. It’s usually set to 90 mins.

  2. Can you remove the occurance_id : string in the query params.

  3. Can you make sure the authorization is set properly within Postman?

  4. Can you click on code share the curl snippet? I want to make sure all properties are set correctly.

1 Like

Hi Michael,

Okay. The steps I took are as follows:

  1. Logged out then logged back in.
  2. Set the expiration time on my JWT token to 1 week.
  3. Copied token into Postman and tested /users endpoint - worked.
  4. Tested out registrant endpoint and I think the error is a positive sign { "code": 300, "message": "This meeting has not registration required: 335353228" }

your requested code is as follows:

GET /v2/meetings/335353228/registrants?status=approved& page_size=30& page_number=1 HTTP/1.1 Host: api.zoom.us Authorization: Bearer eyJ0eXA... User-Agent: PostmanRuntime/7.15.2 Accept: */* Cache-Control: no-cache Postman-Token: 1568a... Host: api.zoom.us Cookie: _zm_mtk_guid=84cc74ca...; cred=63737B19... Accept-Encoding: gzip, deflate Connection: keep-alive cache-control: no-cache

Based off of the response, I’m guessing I should try and find a better meeting to find people that registered (or find a way via api to find the email addresses associated with the meeting).
Note: Even though the Authorization was already configured to inherit auth from parent for the users endpoint I had to manually set it for the meetings as well. Something I hadn’t thought to check during the first iteration.

Hey @alex2, thanks for trying this out.

The error message { "code": 300, "message": "This meeting has not registration required: 335353228" } means you are trying to register a user for a meeting that does not have registration enabled.

To enable registration on a meeting, click the registration required checkbox in the meeting settings,

or if you are creating the meeting via the API, make sure to have these settings in the request body.

  "topic": "Meeting with Registration",
  "type": 8,
  "start_time": "2019-08-30T00:00Z",
  "duration": 30,
  "settings": {
    "use_pmi": false,
    "approval_type": 0

Let me know if this helps!


Hi Tommy,

Thanks for the thoughtful response. Unfortunately, I feel that requiring registration isn’t conducive to our workflows so I may need to find an alternative route. Ideally, I’m looking for a way to retrieve all the members who took part in the Zoom call, I would think that the /past_meetings/{meetingUUID}/participants endpoint would suffice but it’s returning { "code": 3001, "message": "This meeting is not available or ID is not valid." }
I searched the Dev Forum to see if I could any previous answers, but no luck.
Any thoughts?

Happy to help!

Yes the /past_meetings/{meetingUUID}/participants is the endpoint you want.

What is the meeting id or meeting uuid you are passing in so I can look at the logs?


Hi Tommy,

Editing my answer, because I noticed that when I tried to fetch https://api.zoom.us/v2/report/meetings/204883073/participants in AppScripts I received the same error as I previously encountered with Postman “code”: 124, “message”: “Invalid access token.” (I double checked and it is still working fine in Postman). This is unfortunate because this is where I’m actually trying to fetch data whereas Postman is used as a testing ground. The curious part is that I have double checked my bearer token (they are the same in Postman and in my code), and again I am able to fetch all the meetings of a given user - so I’m inclined to think that my headers and options are configured appropriately. Nonetheless, here’s a copy of them (Bearer hidden for obv reasons).
var options = { muteHttpOptions: true, headers: { 'User-Agent': 'Zoom-api-Jwt-Request', 'content-type': 'application/json', 'Authorization': 'Bearer eyJ0eX...' }, json: true // Automatically parses the JSON string in the response };
Any clue why I might be getting this error in Google AppScript?

Hey @alex2,

If it’s working in postman with your JWT, it sounds like something is not setup correctly with Google AppScript. I have not worked with Google AppScript before so I can’t provide much guidance here.

If you post your full request code I can try to help debug.


When im using postman it works ,but when im trying to hit from my web page its shows “Invalid access tocken”

Hey @chavanmangesh245,

Looks like you are not passing in any authorization.

You can try your same request with the following query param: ?access_token=JWT_TOKEN_HERE