Randomly receiving "Invalid access token" for Server-to-Server OAuth

david5 · September 15, 2022, 2:30pm

For posterity and anyone else who happens to run across this thread while scratching their head about how Server-to-Server OAuth works:

Requesting a new Server-to-Server OAuth token invalidates the previous one.
Zoom can increase the “index” count for your account, allowing you to request different tokens with different indexes that do not interfere with each other (i.e. requesting a token for index 1 doesn’t invalidate the token requested for index 2).
The token index is specified in the call to https://zoom.us/oauth/token by passing the token_index query parameter (https://zoom.us/oauth/token?token_index=2)

This should allow folks to build out a background oauth token rotation strategy where the token is updated in a central place, using a new index value (e.g. database, AWS SSM or secrets manager, etc.) allowing applications to continue using the previous token until they can read the new value from the central location.

Topic		Replies	Views
Server-to-Server app. type. Randomly getting Code 124, “Invalid access token.” API and Webhooks api	2	274	April 28, 2024
Getting 124 "Invalid access token." errors API and Webhooks	3	860	October 9, 2023
Invalid access token - Server-to-Server OAuth Authentication	6	1458	September 27, 2022
Server to Server OAuth tokens and concurrent usage (e.g. web apps) API and Webhooks server-to-server	7	1357	December 6, 2023
Previous Oauth Token is no more working Users and Groups api , server-to-server , s2s-oauth	5	875	April 20, 2023

Randomly receiving "Invalid access token" for Server-to-Server OAuth

Related Topics