I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials.
Is that intentional?
I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials.
Is that intentional?
Welcome, @greyoung,
Thank you for posting in the Developer Forum. Yes, it is possible to generate an OAuth Token using the Zoom App Client ID and Secret. I am not aware of any restrictions placed on the kind of development/API tools that can used.
Best,
Donte
Hi @donte.zoom,
Thanks for the reply, but it unfortunately does not answer my question.
I was asking about whether the specific method I had used (i.e., generating OAuth tokens with the Client Credentials grant type) was in fact meant to be supported. I ask because this is not documented by you guys but seems a bit odd that it would be allowed in the context of a Zoom App.
Thanks for the clarification, @greyoung. You’re right, there is no mention of the current method you used in our Zoom Apps documentation. Would you be able to share a screenshot of how you are making the API request in Postman? Once received, I’ll verify supported methods and share what learn.
Addendum
Our Chatbot app does support grant_type set to client_credentials. Is it possible you are using the JWT or Chatbot Client ID/Secret?
Here’s the curl command that Postman says is equivalent:
curl --location --request POST “https://zoom.us/oauth/token” --header “Content-Type: application/x-www-form-urlencoded” --data-urlencode “grant_type=client_credentials” --data-urlencode “client_id=$ZOOM_APP_CLIENT_ID” --data-urlencode “client_secret=$ZOOM_APP_CLIENT_SECRET”
Where ZOOM_APP_CLIENT_ID and ZOOM_APP_CLIENT_SECRET can be set accordingly.
I just tested on my end and was able to reproduce the behavior. I’ve since created an internal ticket for this as grant_type set to client_credentials is not supported for Zoom APPS. For your reference, the ticket tracking this issue is [ZOOM-366143].
Thanks for calling attention to this behavior, @greyoung!
Regards,
Donte
I noticed that it is possible in a client such as Postman to generate OAuth tokens using the Zoom App Client ID/Secret and grant_type set to client_credentials…I have got the access token .while I am using this access token for crate a meeting showing error
{
“code”: 124,
“message”: “Invalid access token.”
}
Please suggest what is wrong here…
or second option as per mention in following document need authorization step for access token generation is mandatory?