Zoom App OAuth with Client Credentials Grant Type?

greyoung · April 12, 2022, 6:46am

I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials.

Is that intentional?

donte.zoom · April 12, 2022, 5:56pm

Welcome, @greyoung,

Thank you for posting in the Developer Forum. Yes, it is possible to generate an OAuth Token using the Zoom App Client ID and Secret. I am not aware of any restrictions placed on the kind of development/API tools that can used.

Best,
Donte

greyoung · April 12, 2022, 6:12pm

Hi @donte.zoom,

Thanks for the reply, but it unfortunately does not answer my question.

I was asking about whether the specific method I had used (i.e., generating OAuth tokens with the Client Credentials grant type) was in fact meant to be supported. I ask because this is not documented by you guys but seems a bit odd that it would be allowed in the context of a Zoom App.

donte.zoom · April 12, 2022, 11:19pm

Thanks for the clarification, @greyoung. You’re right, there is no mention of the current method you used in our Zoom Apps documentation. Would you be able to share a screenshot of how you are making the API request in Postman? Once received, I’ll verify supported methods and share what learn.

Addendum
Our Chatbot app does support grant_type set to client_credentials. Is it possible you are using the JWT or Chatbot Client ID/Secret?

greyoung · April 12, 2022, 11:44pm

Here’s the curl command that Postman says is equivalent:

curl --location --request POST “https://zoom.us/oauth/token” --header “Content-Type: application/x-www-form-urlencoded” --data-urlencode “grant_type=client_credentials” --data-urlencode “client_id=$ZOOM_APP_CLIENT_ID” --data-urlencode “client_secret=$ZOOM_APP_CLIENT_SECRET”

Where ZOOM_APP_CLIENT_ID and ZOOM_APP_CLIENT_SECRET can be set accordingly.

donte.zoom · April 13, 2022, 1:06am

I just tested on my end and was able to reproduce the behavior. I’ve since created an internal ticket for this as grant_type set to client_credentials is not supported for Zoom APPS. For your reference, the ticket tracking this issue is [ZOOM-366143].

Thanks for calling attention to this behavior, @greyoung!

Regards,
Donte

prashant.et · August 1, 2023, 2:12pm

I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials…I have got the access token .while I am using this access token for crate a meeting showing error
{
“code”: 124,
“message”: “Invalid access token.”
}

Please suggest what is wrong here…

or second option as per mention in following document need authorization step for access token generation is mandatory?

ttmraj · October 6, 2023, 6:37pm

Hi @donte.zoom ,

Did you get any reply from Zoom Support? I am also facing same issue.

Topic		Replies	Views
Client ID and Client Secret API and Webhooks	2	5217	December 14, 2020
I made a Server-to-Server OAuth application to use a Webhook and API. How to create JWT for the API? Meetings webhooks , api , jwt	3	916	July 27, 2023
.NET C# TokenOAuth API and Webhooks	4	3018	August 21, 2020
Error "This API does not support client credentials for authorization." when trying to call an endpoint with Server-to-Server OAuth App credentials Authentication	16	3118	January 25, 2024
Access Token provided after client_credentials is not working API and Webhooks	2	1468	August 21, 2020

Zoom App OAuth with Client Credentials Grant Type?

Related Topics