Token refresh problem

Hello

By the number of threads about it I believe it’s the most common issue with Zoom API :).

I’m building a WordPress website with a webinar registration form.
You can see it here: Hope Trust » Hope Trust: Creating a Comprehensive Special Needs Plan – It Takes a Village

The form uses Zoom API to add the participants through Zoom OAuth application. For the first hour after I install an application (and an auth token is created) the form works perfecly. Auth token and refresh token are saved in a database. During this first hour I can refresh the token with no problem (both tokens are being saved in a database). Refreshing the token also works through Postman.

The problem occurs after this first hour. When I try to register for a webinar I’m getting an exception 401, because auth token is no longer valid. So I’m sending a POST request to refresh the token but getting this error:
{
“reason”: “Invalid Token!”,
“error”: “invalid_request”
}
What’s interesting I’m getting the same error when trying through Postman. Remember - it was working fine during the first hour.

I think I tried everything. Reinstalling the application doesn’t help - after one hour the problem is back.
I’m running out of ideas.

Here’s my PHP refresh token request:

$refresh_token = $db->get_refersh_token();

$client = new GuzzleHttp\Client(['base_uri' => 'https://zoom.us']);
$response = $client->request('POST', '/oauth/token', [
    "headers" => [
        "Authorization" => "Basic ". base64_encode(CLIENT_ID.':'.CLIENT_SECRET)
    ],
    'form_params' => [
        "grant_type" => "refresh_token",
        "refresh_token" => $refresh_token
    ],
]);

Hi @michal1,

Thanks for reaching out about this, and happy to help look into it for you.

As a first step, can you review this post below, and let me know if you think any of these cases might apply in your scenario?

Thanks,
Will

Hello @will.zoom

Thank you for your reply.
Regarding the topic you attached.

1. Every time i reinstall the application both tokens are being saved in a database. Just in case I just tried again.

• I uninstalled the application.
• I removed all the data from the token table in my database, to be sure a new value will be saved.
• I installed the application again.
• New token was added to the database.
• I can register via the website form.
• 60 minutes later I try to register again, but I’m getting 401 response, because access token is no longer valid. Script tries to refresh the token and register again, but I’m getting a fatal error: Invalid token.

2. Multiple request - I don’t think so. I’m testing manually - two request during one hour.

3. Application uninstalled - no, I’m the only one working on this, but just in case I checked the logs - the application is installed.

Maybe there’s something wrong with my script?

It’s a simple PHP function:

1. Try to register user:

• POST https://api.zoom.us/v2/webinars/$zoomID/registrants
• authenticate with access token
• provide json variables.

2. If access token is no longer valid:

• POST https://zoom.us/oauth/token
• authenticate with Client ID and Client Secret
• provide refresh token
• get new tokens and upgrade the database
• try to register again (go back to step 1 above).

See the code below.
I’m sure it’s some stupid mistake I make, but after a few hours and a lot of attempts to make it work I just can’t see it.

<?php
    require_once 'config.php';
     
    function register_user() {
        $client = new GuzzleHttp\Client(['base_uri' => 'https://api.zoom.us']);
     
        $db = new DB();
        $arr_token = $db->get_access_token();
        $accessToken = $arr_token->access_token;

        parse_str($_POST['data'], $variables);
        $zoomID = intval($variables['zoomID']);
        $email = $variables['email'];
        $firstname = $variables['firstname'];
        $lastname = $variables['lastname'];
        $phone = $variables['phone'];
     
        try {
            $response = $client->request('POST', '/v2/webinars/'.$zoomID.'/registrants', [
                "headers" => [
                    "Authorization" => "Bearer $accessToken"
                ],
                'json' => [
                    "email" => $email,
                    "first_name" => $firstname,                              
                    "last_name" => $lastname, 
                    "phone" => $phone
                ],
            ]);
     
            $data = json_decode($response->getBody());
            
            $response = array( 'status' => 'success' );
            echo(json_encode($response));
     
        } catch(Exception $e) {
            if( 401 == $e->getCode() ) {
                $refresh_token = $db->get_refersh_token();
 
                $client = new GuzzleHttp\Client(['base_uri' => 'https://zoom.us']);
                $response = $client->request('POST', '/oauth/token', [
                    "headers" => [
                        "Authorization" => "Basic ". base64_encode(CLIENT_ID.':'.CLIENT_SECRET)
                    ],
                    'form_params' => [
                        "grant_type" => "refresh_token",
                        "refresh_token" => $refresh_token
                    ],
                ]);
                $db->update_access_token($response->getBody());
     
                register_user();
            } else {
                echo $e->getMessage();
            }
        }
    }
     
    register_user();
?>

Hi @michal1,

Thank you for confirming these details.

In order to further investigate, can I kindly ask that you share a recent example (within the last 7 days) of one of the refresh tokens that failed? You can share this with me directly at developersupport@zoom.us. Please reference this thread in your email, and I will be happy to check our logs and further investigate for you.

Thanks,
Will

Hello @will.zoom

Thank you, I just emailed you the tokens.

Best,
Michal

Hi @michal1,

Thank you—we will be in touch with you directly.

Thanks!
Will

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.