Zoom Deauthorization event webhook

I’ve created a sample Zoom OAuth app and added it to my personal zoom account. I’ve created a simple spring boot project and created a sample endpoint for the deauthorization event to hit when I remove the app from my account.

The endpoint is not being hit whenever I remove the app. I know I’m missing something extremely simple but I’ve tried a lot of things like changing default http to https, changing request body to generic map, but none seem to work out. I’ve also checked sample templates if I can find for Java, but wasn’t able to come across any.

Here’s the sample API code.

public class DeauthorizeController {

    public String deauthorize(@RequestBody Map<String, Object> payload) {
        return "endpoint hit";

API Endpoint/s?

This is the same endpoint I’ve given in App Information → Deauthorization notification → Endpoint URL from accessing the zoom app configuration.

It is a localhost endpoint as I’m running the spring boot application in my local testing workspace for now. The server is up and running and all the requests I make from postman are hitting the endpoint without any issues.

Could someone please help me identify why the endpoint is not being hit whenever I remove the app from my account. Thank you!

Hi @hallows97
Thanks for reaching out to the Zoom Developer Forum and welcome to our community! I am happy to help here!

Have you tried debugging your endpoint?
There are some steps that might help you to debug your issue:

  1. Send a post request to your Endpoint URL, if you do not receive this event then you will have to check your Endpoint

  2. If you DO RECEIVE the post request, but not the Zoom events, try replacing your endpoint with a test endpoint of your preference (such as webhook.site).

  3. If you receive events and Zoom events in this test endpoint, please check that your Endpoint URL is working properly.

Please let me know if this helps you identifying your issue.

Hello @elisa.zoom

Thank you very much for the detailed response. Here’s my observations.

  1. Yes, it’s a local endpoint as specified in the post, it’s up and running and I am able to hit the endpoint with postman and receive a response as well.

  2. I’ve tried putting URL generated in webhook.site into the deauth endpoint on zoom app, and tried adding the app and removing the app, but I didn’t receive any events in the webhook.site (it didn’t show any new events, it just showed.

Endpoint - https://webhook.site/294bb624-5ed4-45c5-aed3-e4eb0a29d0fa

  1. Unfortunately, didn’t receive zoom events on the webhook test endpoint.

Did you ever find out what was going wrong here? I’ve got the same problem, I’ve specified a deauthorization endpoint URL but I can see from our Apache access logs that it’s not being called.

Hey @hallows97
I am really really sorry for the late response!
Are you still experiencing this issue?

@tomcat is this an issue for you as well? Please let me know and I am happy to jump back right at it :slight_smile:

Thanks for the reply @elisa.zoom! I think I worked out the problem: the deauthorisation endpoint URL is only called if the integration was authorised using production credentials, so my attempts to test it using our development credentials weren’t successful.

My next obstacle was that it’s not possible to update the publishable URL so that I could test this using production credentials until I had provided a technical design document, so I had to work around that by uploading a placeholder document.

As a suggestion to make life easier for developers working with the Zoom API, can I suggest either providing separate development and production deauthorisation URLs (the ideal solution!) or at least documenting that it’s only called for production and providing a way of authorising your own account using production credentials that does not require the technical design document to be uploaded?