Request access token failed with 500 error

API Endpoint: https://zoom.us/oauth/token

Error Message

HTTP/2 500 
date: Thu, 11 Apr 2024 12:28:36 GMT
content-type: application/json;charset=ISO-8859-1
x-zm-trackingid: v=2.0;clid=us06;rid=WEB_a81257f55cf363e15bc00a2bc5bb3c2d
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: zoomprc: data: blob: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'strict-dynamic' 'nonce--oboe9M4QACNu6OfdL3OOg' blob: https:;
x-frame-options: SAMEORIGIN
set-cookie: zm_aid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
x-zm-zoneid: VA
cache-control: no-store
pragma: no-cache
content-language: en-US
cf-cache-status: DYNAMIC
set-cookie: zm_haid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: zm_tmaid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: zm_htmaid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: cred=80E3CEC02E220D39B05A54A6B87A032B; Path=/; Secure; HttpOnly
set-cookie: _zm_page_auth=us06_c_7J1N_TyKSyuLF6rtMH2O0Q; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_ssid=us06_c_xdaVawFjQKGM5Q_yLTLKKw; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_ctaid=5U26QMh3TXKFWWhy6BVBXA.1712838516905.7914cff7c3117e8a02577036d7c97899; Max-Age=7200; Expires=Thu, 11 Apr 2024 14:28:36 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_chtaid=444; Max-Age=7200; Expires=Thu, 11 Apr 2024 14:28:36 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_mtk_guid=a9a18514ed844061815a3849ad60a90d; Max-Age=63072000; Expires=Sat, 11 Apr 2026 12:28:36 GMT; Domain=zoom.us; Path=/; Secure
set-cookie: _zm_ctaid=PLXU8wVIRKW-ZvmSc2fHgw.1712838516924.20dfd40dac3534940f63495f3eb4a1d2; Max-Age=7200; Expires=Thu, 11 Apr 2024 14:28:36 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_chtaid=363; Max-Age=7200; Expires=Thu, 11 Apr 2024 14:28:36 GMT; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_mtk_guid=7ceb9a9a2c5d460e804a3147d2e3424e; Max-Age=63072000; Expires=Sat, 11 Apr 2026 12:28:36 GMT; Domain=zoom.us; Path=/; Secure
set-cookie: _zm_csp_script_nonce=-oboe9M4QACNu6OfdL3OOg; Domain=zoom.us; Path=/; Secure; HttpOnly
set-cookie: _zm_currency=USD; Max-Age=86400; Expires=Fri, 12 Apr 2024 12:28:36 GMT; Domain=zoom.us; Path=/; Secure
set-cookie: _zm_visitor_guid=7ceb9a9a2c5d460e804a3147d2e3424e; Max-Age=31536000; Expires=Fri, 11 Apr 2025 12:28:36 GMT; Domain=zoom.us; Path=/; Secure
set-cookie: __cf_bm=CcV4hoOCN1VXHC.j5u6qAyyQp0OzMaNgfyxay.dkzJQ-1712838516-1.0.1.1-gCNR1c0SaIN7s7pjop097ePvdtJ4.nMLibUdBqFga3eyF7NCBmWvxzt1px7LgaCsDDDcRPaEGX37SDMNVrD0kQ; path=/; expires=Thu, 11-Apr-24 12:58:36 GMT; domain=.zoom.us; HttpOnly; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znVlz7JmQubGQFdyWbS1CgezQKtOzw0PyiT3psxgbfLyrTj%2F2wKEYtdIcR388Ds6qGcJka64BVdiKH08k%2FUsttg4zFG1wtMhGc65FJxf%2BckeaW0tpW8Pn7E2fRuCURWGYd7XNYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 872afa393c3aa718-PHX
alt-svc: h3=":443"; ma=86400

My PHP Code

    $token_url = "https://zoom.us/oauth/token";
    $header = ["Authorization: Basic " . base64_encode("$client_id:$client_secret")];

    $fields = [
        "grant_type"   => "authorization_code",
        "code"         => $_GET["code"],
        "redirect_uri" => $redirect_uri,
    ];

    $fields_string = http_build_query($fields);

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $token_url);

    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_NOBODY, false);

    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    $response = curl_exec($ch);
    $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $header1 = substr($response, 0, $header_size);
    $body = substr($response, $header_size);

    echo "<pre>";
    echo  $_GET["code"];
    echo "\n\n";
    if ($httpcode == 200) {
        echo $body;
    } else {
        echo "HTTP code: $httpcode";
        echo "\n\n";
        echo $header1;
        echo "<iframe>";
        echo $body;
        echo "</iframe>";
    }
    echo "</pre>";

    curl_close($ch);

@zm.admin can you do something like this?

https://php.asdc.cc/#Tab2

Thank you for your reply. The problem was with my code, it was because of no scope setting