Hey @nathan.arora,
Can you please Private Message me your access_token and refresh_token.
We believe this is an issue on our end and are working to fix it.
Thanks for your patience,
Tommy
Hi @tommy
I am getting an error when I try to PM you. It says âSorry, you cannot send a personal message to that user.â Please advise.
Hi @tommy!
Weâre experiencing a similar issue with our app. Can you please help to figure out whatâs going on?
Our app id is U_IYrxQpTFydKKQuO9tCQw
Hey @tsykul,
Can you please provide the App Name?
Also are you using the most recent refresh token each time? Please also share the exact error message you get.
Thanks,
Tommy
@tommy App name is People.ai (weâve experienced the issue with the private app with the id above, although we have an approved app now too).
Error message is as above {âreasonâ:âInvalid Token!â,âerrorâ:âinvalid_requestâ}.
We are using the latest refresh token, although itâs possible thereâs a race condition somewhere. Is auth api idempotent?
Hey @tsykul,
Try reinstalling the app which will reset the tokens. If the issue is not a race condition on your end with the refresh token, then it is possible it is related to an issue on our end that we are releasing a fix for at the end of this month.
Thanks,
Tommy
Hey @tsykul, @nathan.arora, @alon, @roy, @shane.zoom, @ps40,
Here are updates on the Invalid Token bug:
Conditions: This problem can arise when a token is granted and then
immediately used to call a Zoom API endpoint. The server that issues
the new token sets the nbf (not valid before) time to be the time
âexactly now.â But not all servers at Zoom have synchronized
clocks. If the token is immediately used for an API endpoint that is
on a different server, that serverâs local clock may be up to a second
too slow, with a time before the tokenâs nbf time, causing the server
to reject the token.
This bug applies to:
- All token requests: Both original token grants, and refresh grants.
- All tokens: that includes JWT tokens, as well as OAuth tokens of
both grant types: authorization_code and client_credentials.
Reproducibility: This problem is either 0% or 90% reproducible: it
depends how the Zoom load balancer forwards API requests to Zoom
servers. It can happen either all the time, or not at all, depending
on your source IP address.
Fix time: We will have a fix that will roll out in an upcoming release.
Work-around: After acquiring a token, wait 1 second before using it.
Thanks,
Tommy
2 Likes
Hey @tsykul, @nathan.arora, @alon, @roy, @shane.zoom, @ps40,
UDPATE: Fixed on Sunday Jan 5th.
Thanks,
Tommy
Iâm actually also experiencing this issue on an app that I just started developing. Same issue. When trying to refresh tokens Iâm getting a 401 with
{"reason":"Invalid Token!","error":"invalid_request"}.
We are persisting the access_token and refresh_token to Firebase after initial validation, but canât ever seem to get a successful refresh.
Hey @reggieofarrell, thanks for posting and using Zoom!
Can you please share how you are making the refresh request? Feel free to private message me your request url and headers.
Thanks,
Tommy
If the access_token is expired we are making a request to refresh likeâŚ
const url = https://zoom.us/oauth/token?grant_type=refresh_token&refresh_token=${zoom_refresh_token};
return requestPromise.post(url).auth(process.env.ZOOM_CLIENT_ID, process.env.ZOOM_CLIENT_SECRET);
Iâm using a similar requestPromise (different url of course) call to get the first auth_token so that setup seems to pass the headers correctly. Iâll PM you what the error shows the request headers to be.
same issue here 
{
âreasonâ: âInvalid Token!â,
âerrorâ: âinvalid_requestâ
}
I update my token and save the new refresh token but afther 1 hour i try to refresh token agian when the ânewâ refresh token saved and i got error.
sure @tommy
this is my request.
url POST request: https://api.zoom.us/oauth/token
headers
{âkeyâ:âAuthorizationâ,âvalueâ:âBasic XXXXXXXXâ}
params:
grant_type: refresh_token
refresh_token: XXXXXX
answer:
{
âreasonâ: âInvalid Token!â,
âerrorâ: âinvalid_requestâ
}
When i get the access token i save all answer, included the refresh token. 1hr later i try to refresh token with the refresh token saved previously and get the error.
ty
Hey @ccastellanos,
This error happens when you are using an outdated refresh token, (outdated as in a newer one exists, but you arenât using the new one). Can you try uninstalling your app and reinstalling it, and make sure you are using the latest refresh token?
Thanks,
Tommy
Hi @tommy,
I am actually experiencing this issue as well, refreshing a token. I am certainly using the most recent refresh token that was provided when I got the access token.
I will DM you the refresh headers, as I saw you ask someone else for.
Thanks!
James
1 Like