Zoom Cloud Recordings API Token Expiry

what’s the best/most updated documentation for the Zoom Cloud Recordings API token? We’re seeing very short expiration times of the tokens (multiple times within one day), which leads me to think we probably haven’t found our way to the proper documentation.

refresh token seems to not be working properly to get new access_token as it is supposed to be

Hi @josh5 ,

Here is the most up to date Cloud Recordings API docs: Zoom Meeting API

  • Are you specifically referring to the download_access_token?
  • Can you please identify which specific endpoints and share your API request/response/screenshots with sensitive information obscured?

Thank you!

Hi Gianni. Thanks for your reply.

I am working with Josh and let me continue this ticket if you don’t mind.

Here is the scenario.
Recently, we’ve developed the zoom app which allows to download the cloud recordings of our account inside our pwa app. We’ve successfully managed to connect the zoom app via OAuth2 and was be able to down the recordings with the given access_token. After a certain period of time, the access_token expires as it is and then the pwa app would try to retrieve the new access_token with the refresh_token and save them into the db. Seems everything works fine till this point.
But the something wrong happened when trying to connect the zoom app again afterwards. The new access_token and refresh token didn’t work to connect to the zoom app and couldn’t get the recordings. All we can do is let the user authenticate the zoom again which is not the best user experience.

  • Are you specifically referring to the download_access_token?
    Yes, I am referring to the access_token for downloading the zoom cloud recordings

  • Can you please identify which specific endpoints and share your API request/response/screenshots with sensitive information obscured?

API endpoint


    "reason": "Invalid Token!",
    "error": "invalid_grant"

Hey @gianni.zoom !

Following up here after Aaron’s response. We are working on figuring this out together. Below is a screenshot of our oauth authorize requests and responses.

As Aaron mentioned above, the initial connection works great, but after the access token expires, our app tries to retrieve a new access token with the refresh token which then gets an invalid token/grant error.

Is this a known issue? Or Is it due to our implementation? (if so, what docs should we be referencing)

Thanks so much.

Heads up, this discussion forum won’t allow me to send images. I get an error saying embedding images in a post isn’t allowed.

So here are links to the two screenshots:
Screenshot 1: Screen Shot 2022-05-20 at 10.08.42.png - Google Drive
Screenshot 2: Screen Shot 2022-05-20 at 10.07.44.png - Google Drive


Hi @josh5 @aaronchildres9 ,

Ahh I see, thank you for this information. There seems to be an issue with the token tolerance and this is not expected behavior. Can you open a support ticket with the following please?:

  • production client id
  • full API request/responses w/token
  • account id
  • link to this forum post


Thanks for the instruction @gianni.zoom

I went ahead and filed the support ticket with the requested information.

Here is the link: https://support.zoom.us/hc/en-us/requests/14411952


Hey @gianni.zoom I filed the ticket and have escalated. I still have not received any response. May we please get some assistance?

Hi @josh5 , sure thing. I’ll see if I can locate it. What’s your ticket number?

Ticket ID: #14411952

Link was provided in one of my previous comments: https://support.zoom.us/hc/en-us/requests/14411952

When can I expect a response? It’s been 4 weeks now.

Hey Gianni. I just got an email that my last response to you was hidden because it was marked as spam. My ticket number is: 14411952

Hi @josh5 ,

Ahh I see it now. I’ll connect with the person who’s handling it so they can follow up with you asap. Apologies for the delay–we recently had a very large queue.


Thanks @gianni.zoom. I look forward to learning the best next steps from you early this week.

Hi Josh, I’m pasting a link (below) from our server-to-server OAuth docs on the Zoom REST API. I’m from the Zoom Apps team, and can offer a couple ways I’ve debugged issues like this:

  1. Sanity check to make sure you’re calling the token refresh endpoint correctly by testing your implementation with a very fresh/new refresh token
  2. Make sure your app is actually persisting the refresh token (eg: shutting down Docker can cause problems here; at least it often does for our ‘reference’ apps

@josh5 , did Jon’s guidance or the Support Engineering staff help to resolve this?