Zoom App OAuth with Client Credentials Grant Type?

I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials.

Is that intentional?

Welcome, @greyoung,

Thank you for posting in the Developer Forum. Yes, it is possible to generate an OAuth Token using the Zoom App Client ID and Secret. I am not aware of any restrictions placed on the kind of development/API tools that can used.


Hi @donte.zoom,

Thanks for the reply, but it unfortunately does not answer my question.

I was asking about whether the specific method I had used (i.e., generating OAuth tokens with the Client Credentials grant type) was in fact meant to be supported. I ask because this is not documented by you guys but seems a bit odd that it would be allowed in the context of a Zoom App.

Thanks for the clarification, @greyoung. You’re right, there is no mention of the current method you used in our Zoom Apps documentation. Would you be able to share a screenshot of how you are making the API request in Postman? Once received, I’ll verify supported methods and share what learn.

Our Chatbot app does support grant_type set to client_credentials. Is it possible you are using the JWT or Chatbot Client ID/Secret?

Here’s the curl command that Postman says is equivalent:

curl --location --request POST “https://zoom.us/oauth/token” --header “Content-Type: application/x-www-form-urlencoded” --data-urlencode “grant_type=client_credentials” --data-urlencode “client_id=$ZOOM_APP_CLIENT_ID” --data-urlencode “client_secret=$ZOOM_APP_CLIENT_SECRET”

Where ZOOM_APP_CLIENT_ID and ZOOM_APP_CLIENT_SECRET can be set accordingly.

1 Like

I just tested on my end and was able to reproduce the behavior. I’ve since created an internal ticket for this as grant_type set to client_credentials is not supported for Zoom APPS. For your reference, the ticket tracking this issue is [ZOOM-366143].

Thanks for calling attention to this behavior, @greyoung!