{"reason":"Invalid Token!","error":"invalid_request"}

Description
I am unable to refresh access tokens

Error
I constantly get this error:
{"reason":"Invalid Token!","error":"invalid_request"}

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Oauth

Which Endpoint/s?
https://zoom.us/oauth/token

How To Reproduce (If applicable)
Steps to reproduce the behavior:

curl -X POST -H "Content-Type:application/x-www-form-urlencoded" \ --user {client-id}:{client-secret} \ --data 'grant\_type=refresh\_token&refresh\_token={refresh-token}' \ https://zoom.us/oauth/token

Additional context
I am not sure why this isn’t working. When I get the initial access token, I can make requests just fine. I store the refresh token and when the access token expires after an hour, I try to refresh it and get this error.
According to the docs (https://marketplace.zoom.us/docs/guides/auth/oauth#refreshing), I should set grant_type and refresh_token as query params. However, someone notes (REST API error on OAuth token refresh) that it should really be form encoded. But neither seem to work for me. My app is listed on the marketplace.

I see that some people make the mistake of not storing the latest refresh token but that is not the case here, because I get this error on the first attempt. I also see that some have had issues when using the new access token immediately after receiving it but that is obviously also not the case as I never receive a new one :slight_smile:. I am not sure what to do from here.

Hey @kristian,

What is your app name?

Are you able to make the refresh request via Postman?

Thanks,
Tommy

Hi Tommy,

App name is Submotion. It doesn’t seem to work for me:

@tommy I can send you the clientid and secret in a DM or something if you want

Any hints on how to debug this would be greatly appreciated. It’s quite frustrating to work with because I have to re-authorize and wait for the token to expire to try something out and I don’t know what else to try at this point.

Hey @kristian,

I have just DM’d you.

Thanks,
Tommy

Hi Tommy,

We have business account, In SDK when joining meeting it is giving error. here is detail-

localJsonpCallback({status: false, errorCode: 200, errorMessage: “The signature has expired.”})
errorCode: 200
errorMessage: "The signature has expired."
status: false

And when we click on ‘RETRY’ button zoom environment is loading. here is screenshot -

Signature I am creating through java version at server side which you are providing in below portal -

I tested different browser and also cleared cache, and added SetTimeOut on ZoomMtg.join() but did not helped.

Date format sample : 2020-08-31T16:49:18Z
Type : 1

SDK Version : 1.7.10
JWT App : DevTokenApp

Appreciate if you provide me a quick help. Let me know how can share you detail in private message if required. I am using JWT token?

Nikhil

So for future visitors of this thread, it seems to be resolved for me now. I didn’t change any code, so I am not sure what caused it. I did do one thing though, with Tommys help: I went to the “Test the App Locally” tab in the management UI, clicked “uninstall” and then “install”.

I have had one report of an invalid token after doing this, but I am currently unable to reproduce it so I am crossing my fingers that it’s now working.

Hey @nsaxena,

Please create a topic here: #web-sdk :slight_smile:

Thanks,
Tommy

Hey @kristian,

Thanks for sharing your solution! :slight_smile:

Please let me know if you run into the issue again.

Thanks,
Tommy

I am having the same issue with my user managed app. All token refresh requests get the same invalid token error. I’ve ensured all the needed headers are present and that I am for sure sending the refresh token. The initial token works for all requests, but I can never refresh them. Any debugging suggestions?

Hey @hurle170,

Are you able to reproduce the issue in Postman? Typically the issue relays in the logic within the code implementing the OAuth flow.

Please create a new topic since this one is solved. :slight_smile:

Thanks,
Tommy