Zoom App authorization error: "Invalid request : token created error: Save Access token into Database error"

Zoom Apps
1

Hello!

Zoom Apps Configuration

We have a React app using these scopes and events:

      ['authorize',
      'getUserContext',
      'onAuthorized',
      'onMyUserContextChange',
      'onMyMediaChange',
      'promptAuthorize',
      'removeVirtualForeground',
      'setVideoMirrorEffect',
      'setVirtualForeground']

Description

Some users are experiencing issues with the in-client auth. The app listens to the onAuthorized method and sends a request to our server with a code, we then request an access token to https://zoom.us/oauth/token with the parameters code, redirect_uri, and grant_type (authorization_code) using basic auth. All params, and credentials seem to be correct, but in some cases users are getting the following error (Bad Request 400):

{"reason"=>"Invalid request : token created error: Save Access token into Database error", "error"=>"invalid_grant"}

Troubleshooting Routes

We have tried sending requests to the https://zoom.us/oauth/token endpoint with different and wrong parameters but the errors we get are different than the one reported. We also installed and uninstalled the app in development several times, expiring tokens, using wrong parameters, scopes, etc.

How To Reproduce

We haven’t been able to reproduce the error. It was reported in our error tracking system.

Thanks for your help!

2

@cortexht,
Thank you for posting in the Zoom Developer Forum! We haven’t encountered any authentication errors (Bad Request 400). To ensure I understand, I would like to gather some additional information on the behavior your users are seeing. To begin, can you provide the following details :

  1. Can you let us know if you are experiencing this error frequently?

  2. Have you checked for any network-related issues? It is possible there may have been network-related issues as the error seems to be databases related.

  3. Additionally, can you provide information on the device being used when the error occurs?"

  4. What other errors or insights have you drawn from your tracking system?

We are looking forward to hearing back from you.

3

Hi @donte.zoom ,

  1. Can you let us know if you are experiencing this error frequently?
  • It has happened 10 times in the last 30 days, but I don’t know what percentage of the total users trying to install the app are experiencing the issue.
  1. Have you checked for any network-related issues? It is possible there may have been network-related issues as the error seems to be databases related.
  • It doesn’t seem to be a network issue, I checked our logs and systems. That’s the response we get when we request the OAtuh endpoint on your side.
  1. Additionally, can you provide information on the device being used when the error occurs?"
  • No. How can I get that information from the Zoom SDK or the Zoom App?
  1. What other errors or insights have you drawn from your tracking system?
  • The body parameters code, href, and state are passed correctly to our endpoint. href and the “referer” is the home endpoint. There is also an authorization parameter that I haven’t seen in the documentation.
  • In some other cases, we are also getting this error: {"reason"=>"Invalid authorization code", "error"=>"invalid_grant"}.

Thanks!

4

In the cases where you are getting an invalid authorization code error, have you confirmed that you are sending the expected auth code within 10 mins?

When it comes to the Save Access token into Database error I’ll need to have our service engineering team look into this. I sent you a DM asking for more information that should help here.

5

Thanks @MaxM . The invalid authorization code error is happening because the onAuthorized event is triggered twice, so the code is used twice. The first time it works and the second time it gets invalidated so we get the error.

We are checking on our side why the event is triggered twice.

6

If you’re using a reactive framework I would check to ensure that the component is not being remounted.

I’ll check with our team to see if we can identify the cause of the other error that you’re seeing. (ZSEE-79545)

7

It sounds like there may be an issue with the token not being saved correctly in the database. Here are some steps you could take to troubleshoot the issue:

Verify that the code received from the onAuthorized method is correct and has not expired.
Check that the redirect_uri specified in the OAuth request matches the redirect URI configured for your app in the Zoom App Marketplace.
Ensure that the grant_type is set to “authorization_code” in the OAuth request.
Confirm that the basic authentication credentials used to make the OAuth request are correct and have not expired.
Check that your server is able to successfully save the access token to the database.
Verify that the saved access token is being used correctly in subsequent requests to the Zoom API.
If none of these steps help resolve the issue, you may need to reach out to Zoom support for further assistance.

Regards,
Rachel Gomez