Hi Zoom team,
I’d like to confirm an OAuth behavior we are observing.
We have:
-
A single Zoom OAuth app
-
Multiple environments (DEV / QA / PROD) using Nylas, where each environment represents a different OAuth client on the Nylas side
-
When I test different environments I use the same Zoom account
Our Zoom OAuth app is integrated via Nylas to create Zoom meetings.
When the same Zoom user authorizes the app in one environment, everything works fine.
However, when the same user later authorizes the app in another environment, the OAuth token from the previous environment appears to become invalid, causing API calls (for example, creating a meeting) to fail. This is only a problem now that we are testing with DEV and QA at the same time. Was good before when using only DEV, or only QA. Just want to make sure this isn’t a concern when we move to PROD soon. Which in PROD users will not be logging in different environments.
Could you please confirm:
-
Whether a Zoom user account can have only one active OAuth authorization/token at a time per app, and
-
Whether issuing a new OAuth token for the same user automatically revokes any previously issued token?
Also in a side note: I was checking Okta documentation (not the same as Nylas but they use the same Zoom OAuth method) and they say this:
Which I think confirms what I suspect.
Thanks in advance for confirming this behavior.
Best regards,
Miguel