Oauth 2.0 token received but 400 Bad Request from GET

noel.miller · September 20, 2022, 9:40pm

Description
What is wrong with the request?

Able to do grant_type=client_credentials and zoom.us oauth/token endpoint returns temp token
Error is: 400 Bad Request from GET https://api.zoom.us/v2/users/{USERID}/meetings

Troubleshooting steps

Tested this endpoint with a temp admin generated JWT token and it worked.
Tried regenerating keys, tokens, etc.
Scoped admin privileges everything because we don’t know what is wrong.

We have the “Business Plan” so API should be available. Note: this is “server-to-server or two-legged OAuth” running with Java spring-boot.

What makes me think the token response works?

It wouldn’t return a token if that part of our code was broken
if I put a bogus token in the Bearer Auth it has a different error: 401 Unauthorized from GET
Here’s what is returned:

{"access_token":"{TOKEN}","scope":"account:read:admin account:write:admin contact:read:admin dashboard_crc:read:admin dashboard_home:read:admin dashboard_im:read:admin dashboard_meetings:read:admin dashboard_webinars:read:admin dashboard_zr:read:admin group:read:admin group:write:admin h323:read:admin h323:write:admin imchat:bot meeting:read:admin meeting:write:admin meeting_token:read:admin:live_streaming meeting_token:read:admin:local_archiving meeting_token:read:admin:local_recording recording:read:admin recording:write:admin user:read:admin user:write:admin webinar:read:admin webinar:write:admin webinar_token:read:admin:live_streaming webinar_token:read:admin:local_archiving webinar_token:read:admin:local_recording","token_type":"bearer","expires_in":3600}

Note: Zoom Developer Documentation clearly states that:
“The Client Credentials grant is used to get an access token for APIs that require only a service’s permission. This grant does not require a user’s permission. For Zoom APIs, use the Client Credentials grant to get an access token from Zoom for the Server-to-Server OAuth app type or to get an access token from the Chatbot service in order to use the Send Chatbot Messages API.”
client_credentials is not limited to chat bots as this post suggests.

Thanks for any help you can provide.
Noel

elisa.zoom · September 20, 2022, 11:16pm

Hi @noel.miller
Thanks for reaching out to the Zoom Developer Forum, I am happy to help here!
My question is, are you using a Server-to-Server OAuth app?
If you, you should be passing account_credentials as your grant_type and the account_id in your query params.

So your request should look something like this:

https://zoom.us/oauth/token?grant_type=account_credentials&account_id={accountID}

Also, here is a link to our Docs: Create a Server-to-Server OAuth app

Hope this helps,
Elisa

noel.miller · September 20, 2022, 11:25pm

Thank you so much. Worked like a charm!

Noel

elisa.zoom · September 21, 2022, 11:29am

Glad that helped!
Cheers,
Elisa

Topic		Replies	Views
Getting "Bad Request" when trying to create a new meeting Meetings	3	682	June 28, 2022
I am getting error 400 Bad Request API and Webhooks faq	5	14039	August 8, 2020
Generate a new access token getting Bad Request 400 error API and Webhooks	5	223	January 7, 2024
Not able to create new meeting Meetings api	3	187	December 28, 2023
400 on List Meetings Meetings	1	128	January 8, 2024

Oauth 2.0 token received but 400 Bad Request from GET

Related Topics