oAuth and create Meeting (error 400)

API and Webhooks
1

Description
I am having issues creating a meeting through API.

My workflow:

  • I store the code in the user profile
  • for each call…
    • I try request a new access_token using the code stored in the profile
    • I try use the access_token to create a new meeting

Error

I wish I had any error message to provide. I am mostly getting an code 400 result, no explanation whatsoever

Which App Type (OAuth / Chatbot / JWT / Webhook)?

OAuth

My code

private AccessToken createToken(User user) throws Exception {
    String submitUrl = new StringBuilder("https://zoom.us/oauth/token")
            .append("?grant_type=").append("authorization_code")
            .append("&code=").append(user.getZoomToken())
            .append("&redirect_uri=").append("https://abcd.ngrok.io/zoom/auth")
            .toString();
    Executor ex = Executor.newInstance(httpClient);

    Response response = ex.execute(
            Request.Post(submitUrl).addHeader("Authorization", "Basic " + zoomAppSecret))
    );
    
    final String responseAsString = response.returnContent().asString(Consts.UTF_8);
    AccessToken accessToken = mapper.readValue(responseAsString, AccessToken.class);
    return accessToken;
}
2

got it running, no need to answer

1 Like
3

Happy to hear you got it working!

Feel free to post the solution so other developers can benefit!

Thanks,
Tommy

4

It was a misunderstanding of the workflow on my side. All oAuth workflows I had implemented until now had me re-generating tokens when they expired.

I did not understand why I could not re-generate a token once it was expired, now I understand I have to use the expiration token for that.

It makes the token management a little bit harder, as I have to store much more data on my end, and honestly, I am not sure if this is better from a security perspective. :wink:

It is the first time I have to store…

  • app credentials
  • creation date (so I can calculate expiration)
  • token
  • expiration token for renewal
  • user id

but it is up and running now. It just took me a few more roundtrips to get it up and running.

brgds

Papick

1 Like
5

Hey @pgtaboada,

That is correct.

At a minimum you’d need to store the access_token, refresh_token, user_id, and expires_in.

Thanks,
Tommy

6

Hi tommy,

I’m struggling as well to get access token
After successfully getting the User Authorization Code, I failed to get the Access Token !
My Code:
String uri = “https://zoom.us/oauth/token?grant_type=authorization_code&code=” + zoom_code + “&redirect_uri=” + WEB_PREFIX + ACCOUNT_SERVER_URL + “/access_token.php”;
URL url = new URL(uri);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestProperty(“Content-Type”, “application/json”);
connection.setRequestMethod(“POST”);
String client_id_and_secret = “PaVU8EC8QCGR7CLwcdWDUA:lCtfhplFmbl4yLbl4YLH8opejiy3gWvz”;
byte results = client_id_and_secret.getBytes(UTF_8);
connection.setRequestProperty(“Authorization”, "Basic " + new String(Base64.encode(results, Base64.NO_WRAP)));
resCode = connection.getResponseCode();

The resCode I get is either 403 or 401 or 400

Please advide,
Thank you,
Efy

7

OK Tommy,

I managed to solve the problem.
In your documentation:
" HEADERS: {"Authorization": "Basic {BASE64ENCODED_CLIENT_ID}:{BASE64ENCODED_CLIENT_SECRET}"}"
You mislead us a bit as the true answer is:
" HEADERS: {"Authorization": "Basic BASE64ENCODED(CLIENT_ID:CLIENT_SECRET)"}"

Please fix it in - Error in Refreshing with refresh tokens

BR,
Efy

1 Like
8

Hey @efysegal,

Thanks for pointing that out! It is now fixed! :slight_smile:

-Tommy