Issue
We have an approved Marketplace App (Coda) see link. This morning users are reporting they are unable to install the app with a OAuth page “You cannot install this app”. When I head to the Marketplace Console for the app it’s listing pending approval again. There have been zero functional change in the app.
Thanks for your response. I’ve been working with developer support on this (ticket 6513070). It appears there’s been a regression in the Zoom API where any OAuth URI that contains ‘{’ or ‘}’ in the OAuth state field will choke. We use state to track the callback context for the session and currently store a JSON encoded hash in it.
Correct. Our engineering team is aware of the issue and investigating this. While the team is yet to confirm the exact cause of error, upon initial review, they suspect the issue lies with this specific use of the state parameter. In the meantime they have advised that you revise the OAuth URL to not use a state parameter and it should resolve the authorization error.
For a quick resolution, if you still plan to use the state parameter you can try either of these options.
The engineering team is investigating this at priority and we will keep you updated on the status. Let me know if neither of these help resolve the error you are encountering.
We need state to track which specific logical connection the final Zoom credential should be associated with. I can validate that the Zoom is choking if there are any curly braces in the state parameter. I’ve addressed the issue on our end implementing the suggested workaround and we now base64 encode our state payload avoiding the issue. It’s a cleaner solution that what we had before and will be robust for all our other providers.