API Endpoint(s) and/or Zoom API Event(s)
GET users/
Description
I am trying to use server-to-server oauth to access details of a user by calling the GET users endpoint.
I can obtain the server-to-server access token successfully.
I have given my Server-to-Server app the scope /user:read:admin
When I examine the scope returned along with the access token, this scope is definitely present.
Every attempt to call the GET users endpoint results in the error
401
124 Invalid Access token
I have seen that others have a similar issue intermittently where multiple processes are obtaining access tokens. This is not the case for me - I have only one process.
It has never worked.
Error?
HTTP/1.1 401 Unauthorized
Date: Tue, 29 Nov 2022 21:51:51 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-zm-trackingid: v=2.0;clid=aw1;rid=WEB_a5498820a56b632b9de14b5811051802
x-content-type-options: nosniff
Cache-Control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: zm_aid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
x-zm-zoneid: VA2
content-disposition: inline;filename=f.txt
set-cookie: zm_haid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: zm_tmaid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: zm_htmaid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: cred=FC490C795A208B660124EA59A1D5C191; Path=/; Secure; HttpOnly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFI1byhKhlLqsRf7aZtGaIXFGJyu5rcD%2B3ZJ%2FH%2FYRrpFIqzmToJ0%2FKnFj2tbrFN0t48XVukq2qy5WJ0en%2FGBwbnauDEfLH7ekWYxFQKLuYpV%2BcqFYMOzPRflNW4T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771e91292ebbdc31-LHR
{"code":124,"message":"Invalid access token."}
How To Reproduce
- Call token endpoint with account_credentials grant type:
https://zoom.us/oauth/token?grant_type=account_credentials?account_id=XXXXXXX
- Call users endpoint, including the returned access token from step 1
GET /V2/users/***REDACTED*** HTTP/1.1
Authorization: Bearer ***REDACTED***
User-Agent: PostmanRuntime/7.29.2
Accept: */*
Postman-Token: 90622bc1-58c5-4d23-a9d3-1a677d6ab51b
Host: api.zoom.us
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TS018dd1ba=01213d1771ef96e4f21372e35ef95abc46d82a514d810fd007bf69a1bccab91b781388b288abf4faeb3e5abc86e03bfc46d3eeabe3; __cf_bm=_6.9O_ZXYvicx.JUSB9R21asdQx9Tl0f5e9165nHKKE-1669758589-0-Aff6rlCTjTwthasuyf7HXNWXF1TzuwzpF6l4PmNzCOLPOch6Sej7WLy+adjmLI2zuB+stzAmnvaT3QeaNp+ecis=; _zm_chtaid=558; _zm_ctaid=4xDdJUL_TpqByddKn9FhWw.1669757691477.a062f0405fbcf951658ef9a245940aeb; _zm_mtk_guid=2fa9f28edc0840eca371276ee415227d; _zm_page_auth=aw1_c_xPb0OcUMT9SnPcAqzZdjlg; _zm_ssid=aw1_c_4z8JO2t_SIKwWF8OMoUOxw; cred=F0FDF47D82169A3D1604971800801EB0
HTTP/1.1 401 Unauthorized
Date: Tue, 29 Nov 2022 21:50:16 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-zm-trackingid: v=2.0;clid=aw1;rid=WEB_cac2e97dc09b69bb07f6707179d8b045
x-content-type-options: nosniff
Cache-Control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: zm_aid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: zm_haid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: zm_tmaid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: zm_htmaid=""; Domain=.zoom.us; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly
set-cookie: cred=45888120A662C36CBE347CAA0CE95FD1; Path=/; Secure; HttpOnly
x-zm-zoneid: VA2
content-disposition: inline;filename=f.txt
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQOSSAXDpJYgKfqP2xx4XWM2%2F2M88OY33wSpcK5A%2BZ2yPXxB9GiUAYwrS67VEzYfkPjRj%2FUmirA8CYB7IX92VXSuRDgNRDsIeGMVwcXLLTWuXQ6bNdN2b9AA%2FIjj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771e8ed80ef0dc31-LHR
{"code":124,"message":"Invalid access token."}
Authentication method or app type*:
Authentication method is OAuth Server to Server.
I am using PostMan to test.