onAuthorized event not firing on custom domain - works on ngrok

EricChong · January 23, 2026, 5:54pm

Issue

The onAuthorized event from the Zoom Apps SDK is not firing after a user clicks “Allow” on the consent dialog when my app is hosted on a custom domain. The same code works correctly on ngrok.

Environment

SDK Version: @zoom/appssdk 0.16.36
Zoom Client: 6.6.11.70003 (Mac)
Domain: Custom domain on Azure Static Web Apps
In-Client OAuth: Enabled

Steps to Reproduce

Open Zoom meeting as host
Launch app from Apps panel
Consent dialog appears
Click “Allow”
zoomSdk.authorize() returns {"message":"Success"}
Expected: onAuthorized event fires
Actual: Event never fires, times out after 60 seconds

Key Finding

Test	Result
ngrok domain	Works
Custom domain	Fails
ngrok app with Home URL set to custom domain	Fails

This proves the issue is domain-specific.

Diagnostic

Added window.addEventListener('message', ...) to capture all postMessages.
Result: No postMessage is received from Zoom when clicking “Allow”.

Configuration Verified

Home URL matches OAuth Allow List
Domain Allow List includes my domain
In-Client OAuth enabled
authorize and onAuthorized in SDK capabilities

Has anyone else experienced this? Is there additional domain validation beyond the OAuth Allow List?

Topic		Replies	Views
Domain List Dilemma Zoom Apps	11	706	November 3, 2022
Zoom Sdk.onAuthorized is not called when I call authorize in the open app on Android Zoom Apps	4	301	May 4, 2023
zoomSdk.onAuthorized is not triggred Zoom Apps	3	643	December 23, 2022
In-Client Auth flow in Zoom Linux desktop client API and Webhooks	1	152	January 12, 2025
OAuth 403 error in Development environment for General App Authentication	1	113	April 28, 2025