JWT tokens and expiration

My Question:
Can there be multiple valid tokens on any single API Key?

Error/** Issue **
We get that invalid token error at times even though our token is not expired, which leads to internal debate. I think that the token is valid until it expires, the other guy things that if you go to the marketplace and create a new token it replaces the old. This does not make sense to me as the token is simply is the id and expiration date with an algo signature, and you can use the algorithm to parse the key later and see if it’s valid. We can create a key internally even and as long as it’s signed correctly then zoom can parse it out and see the key and expiration and honor it accordingly.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT

Which Endpoint/s?
When the invalid token message comes back it’s on any endpoint.

How To Reproduce (If applicable)
Apparently something fubar’s the account at zoom because it just happens and then there is nothing we can do to fix it until someone there at zoom resets something (which is really, fabulously annoying as on Monday we really needed to use it and couldn’t).

Screenshots (If applicable)
It’s the invalid access token error

Additional context
I see other questions in the forum regarding this and they ask for the client ID so they can reset something. When we get the error we try new keys (they always validate at JWT.io) we disable and enable the JWT app in the marketplace, etc. Eventually someone will submit a support request and it starts working, but the guy who’s supposed to do that is always reluctant and I waste hours messing with it first! So, I would like to know if only one token at a time will work, or if any non expired (validly created) token that has worked in the past will work until it expires.

Thanks!

Hey @rgenandt,

Thank you for reaching out to the Zoom Developer Forum. This definitely isn’t the expected behavior when it comes to using JWT. You should be able to generate multiple JWT tokens and use them before they expire.

Please send an email to developersupport@zoom.us with a link to this thread. In that email, please provide a timeframe where you last saw this and if possible the JWT token. If you are also able to link to the previous support instance that should help too.

Thanks,
Max

Thanks MaxM -
Just answering the question regarding the token helps me out. I don’t know what happens on the Zoom end to cause that invalid token error, we change to a new token, sometimes regenerate our secret, we try to disable and enable the JWT app, and nothing works…and then, later - it works.

If you know of something that we can do from the client/developer side to kick start it when it’s like that, that knowledge would be much appreciated!

Hey @rgenandt,

Thanks for following up on this. I haven’t heard of that behavior before so I would need to look into this further or have a way to reproduce the issue on my end.

As long as you are ensuring the token isn’t expired you should be able to reuse it.

Thanks,
Max

I am sending an email with one of the tokens that didn’t work, but I don’t have a copy of the old secret. I will try to do a better job of keeping the data and documenting when / if it happens again! I am not the one that calls in for support - this is a client that has their own team in house as well, medical facility that is trying to move to Zoom from Doxy.Me for their tele visits.

Hey @rgenandt,

Got it, I appreciate the background. Any information you can gather should be helpful to pinpoint the issue here.

Thanks,
Max