we have an application that a user can install and use on different devices. Each time the user logs in on another device, the access token on the other devices are invalidated.
So each time a user asks for a refresh token, previous refresh tokens are invalidated.
This causes a lot of troubles…
This has been addresses here, but it seems no solution was provided.
Main problem is that we can’t even trap this, as we cannot know in advance (when the user clicks on “Authenticate to Zoom”) that the user will try to use the same zoom user.
Thanks for reaching out to us!
I understand how this can be causing issues with your integration.
I have looked for internal documentation and I can see that this feature is in our Roadmap but not implemented yet.
problem is that we will be forced in june to switch away from JWT to oAuth… so that is really a problem actually. Or is there a workaround that I don’t see at the moment?
I could centralise the storage of access tokens so that they have to request it from my server, but that looks like a security issue to me…
Have you looked into our Server to SErver OAuth app?