Zoom OAuth signin, omitting "state" if they don't have a zoom account already

As the title says, this is a big bug on zooms part.

When users want to integrate their app with our system, we send them to the usually zoom url, with a state=123456 parameter attached.
State is supposed to be carried all the way until redirect back to our site, so that we can identify the user/session which initiated it from the start.

But if the user doesn’t have a zoom account and is asked to log in, it throws away this state parameter and when the user is redirected back to our app, we have no idea who they are and it all collapses.

Am I missing something?

Hey @worthy.vii,

Thank you for reaching out to the Zoom Developer Forum. This does sound like it could be a bug. Please send an email to developersupport@zoom.us with a link to this thread. In that email, please include the URL that you’re using when you see this issue.

I’ll use that information to investigate further and reach out to our engineering team if necessary.

Thanks,
Max

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.