This API does not support client credentials for authorization

API and Webhooks Authentication
1

Hello, I am attempting to update to the OAuth from the JWT and ran into a problem. I have created a server-to-server-oauth app and have the keys. I can retrieve a token but when I try to use the token, it returns the error, “This API does not support client credentials for authorization.”

From what I can find in the forums, I need to change the grant type from “client_credentials” to “account_credentials”. However, that returns “invalid request”

This is in PHP, and I am using the package “league/oauth2-client” to get the token.

I am attempting to salvage the existing code base which uses Guzzle, and get a token and attach that to the Guzzle requests.

The code is rather simple,

$provider = new \League\OAuth2\Client\Provider\GenericProvider(
[
‘clientId’ => ‘…’, // The client ID assigned to you by the provider
‘clientSecret’ => ‘…’, // The client password assigned to you by the provider
‘redirectUri’ => ‘’,
‘urlAccessToken’ => ‘https://zoom.us/oauth/token’,
]);

$accessToken = $provider->getAccessToken('client_credentials');

This does work as I do receive a token, but I can’t seem to access the endpoints with it.

An example endpoint, users/[email]/webinars, to just receive a list of webinars.

Am I missing something?

2
  1. Please make sure that you are using a server to server Oauth app and not a user authorized oauth app
  2. Please remove the redirect_url query parameter
3
  1. I created the app in the marketplace and it said server to server oauth. I don’t see anything about this being a user oauth app.
  2. ah ok. Still doesn’t give me a valid token
4

Can you try using a tool like postman to see if you are able to receive a token with the same credentials?

5

I wasn’t able to get postman to make a successful token request. It just keeps giving an error, "Invalid redirect: https://oauth.pstmn.io/v1/callback (4,700) " that I was not able to find a solution for.

6

whats the base url that you are using?

it should be something like:
api.zoom.us/oauth/token

7

To request the token, ‘https://zoom.us/oauth/token’, then, ‘https://api.zoom.us/v2/’ as the base for the client request.

I just tried postman with the bearer token I got and I received the same error message about not being authorized.

Is https://api.zoom.us/v2/users/me/webinars a valid API path?

8

the link you provided returns a error, " Invalid response received from Authorization Server."

9

I was not able to get it to work with Guzzle, because of some kind of header bug.

I used this command as a basis for this request.

curl -X POST https://zoom.us/oauth/token -d 'grant_type=account_credentials' -d 'account_id=#ID#' -H 'Host: zoom.us' -H 'Authorization: Basic ##base64_string##'

taken from, Server-to-Server OAuth

Once I had the correct keys in that command, I was able to get a token and then use Postman to test a request. Everything worked.

I posted a bug report on Guzzle, Host Header · Issue #3176 · guzzle/guzzle · GitHub if you want to see the Guzzle code.

I was able to make it work using Curl,

$curl = curl_init();

    curl_setopt($curl, CURLOPT_URL, 'https://zoom.us/oauth/token');
    curl_setopt($curl, CURLOPT_POST, true);

    $data = array(
        'grant_type' => 'account_credentials',
        'account_id' => $account_id
    );
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

// $r is base_64encode string... I was not able to make it work If I actually put an array for the 
    authorization header it would fail but if it did it like this it worked

    $headers = array(
        'Host' => 'zoom.us',
        "Authorization: Basic $r"
    );
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

    $response = curl_exec($curl);

    var_dump($response);

    curl_close($curl);

Anyway, hope this helps someone in the future.