OAuth Tokens invalidated after login with same account elsewhere?

My app is currently using OAuth at a user account level to access the Zoom API.

I have run into an interesting issue and would love some insight.

The OAuth works great, however, I have noticed occasionally that request will return 401 unexpectedly and before its expire time. After investigating, it appears that the token has been invalidated.

I created a couple environments for testing of my app, and I have noticed that if I get a token for the user account in one environment, then get a token for the same user account in another environment, then return to the first environment and try to use the API, I get a 401 error, because the old token is no longer good.

Heck, the issue occurs if I do this in the same environment with two different browsers.

It seems counterintuitive to me that only one token set can be used at a time, and this is intended as a user-level token to enable the user to manage their meetings from our portal.

Did I set up the app wrongly in the marketplace? Or is there a hard line in the sand that only one token can ever be active at a time and thus I’m going to have to re-think how I handle managing a user’s zoom data?

Hey @Randolpho,

Currently we don’t support multiple tokens for OAuth, however, we are in the process of developing this.

(ZOOM-88936). Stay updated here: https://marketplace.zoom.us/docs/changelog

Thanks for you patience,

Well that’s disappointing, but I can work around it.

1 Like

Yes, please implement a work around until we support it.


Hi @tommy,

I had the same question as @Randolpho and found this thread. For us, it is a bit harder to work around.

Do you know if this feature / bug is to be addressed soon?

Also, you mention “ZOOM-88936”, what looks like a feature / bug code in your response. Is this surfaced anywhere that I can see?

I followed the link to the Zoom changelog, but I don’t see any codes or any way to search or get alerted.


Hey @felix,

We have this on our roadmap to implement.

This is for internal tracking :slight_smile:


Thanks for the response! I built a workaround.

Best regards.

Great, glad to hear it works currently @felix - let us know if there’s anything we can help with in the mean time.