Login again with OAuth

API and Webhooks
1

Description
Hello, I have a next problem.
I’m developing app where I do not want to persist any data about the user.
So, my case is next:

  1. User comes to my app
  2. User authorizes through Zoom OAuth
  3. My app now get access_token and refresh_token, and store it, for example, in memory
  4. During user session, I use this tokens for using Zoom API.
  5. After session expires and user is gone, I drop his access_token and refresh_token.

    After a while user come back again and tries to authorize through Zoom OAuth. As far as I understand, now he can’t get new token without old refresh_token ? So, to use my app again he had to reinstall it, right?
    Am I right, and Are there any workarounds ?

Another question
Even if I persist tokens for users, what can I do when user is trying to login again through Zoom, or trying to login from another device?
In this case, My app only will get ‘code’, and will not able to get access_token with this code (because tokens was already created before).
But my app can not detect user by code, so my stored tokens are useless.

Thanks a lot for your answers

Thanks a lot for your answer

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth

2

You can always regenerate the access_token by going through the full Authorization process again to “install” the app, even if it’s already installed. You don’t need a refresh_token to trigger Authorization.

This is a common use-case for OAuth where you do not want to store any user tokens.

1 Like
3

Hey @ankochem,

Like @samly said, currently Zoom OAuth only supports one set of access / refresh tokens at a time, so in order to use Zoom OAuth through a different device, just take your users to the authorize url again, and save the latest tokens if you would like to store them.

Let us know if you have additional questions.

Thanks,
Tommy