I’m currently working with a Server-to-Server OAuth app in the Zoom Developer Platform and am facing an issue with validating the webhook endpoint URL. According to the documentation, when a new Event Notification Endpoint URL is added and the “Validate” button is clicked, Zoom should send a special event with event: "endpoint.url_validation"
to verify the URL. However, in my case, this validation event is not being sent at all — it’s not received on my server, and it’s not visible in the ngrok request logs either. The app is fully configured: it’s activated, Event Subscriptions are turned on, at least one event (e.g., meeting.ended
) is selected, and the endpoint URL is a valid public HTTPS address using ngrok. Additionally, I am successfully receiving real Zoom events like meeting.ended
, which confirms that the server and URL are reachable.
To rule out ngrok-specific issues, I also tested using a production HTTPS domain with a valid SSL certificate, and the exact same issue occurs — no validation request is received when clicking “Validate”. I have tried slightly modifying the URL to force re-validation, restarting ngrok, testing on a custom domain, and double-checking all app configuration steps, but the issue persists. I would appreciate any guidance on why this might be happening, or if there’s a known issue with validation events not being triggered for Server-to-Server OAuth apps.