@xschen thank you! That helped me a lot!
Looks like while in zoom-client it also uses ‘plain’ by defualt so code_verifier and code_challenge need to be ęqual as well.
Additionally when using s256, code_challenge should not be base64 encoded.
It’s defenetely worth updating this post: Zoom OAuth 2.0 Proof Key for Code Exchange (PKCE) Flow and example app to match defaults. Hopefull someone from zoom will take care of it