ZOOM REST API add participant to meeting: Code 124 "Invalid access token" Error

API Endpoint(s) and/or Zoom API Event(s)
https://api.zoom.us/v2/meetings/[meeting number]/registrants

Greetings - I am calling the Rest API to add a registrant to an existing meeting. First I am trying to get this working via Postman, then I’ll code it up in PHP. I have created a server-to-server oAuth app (so the grant type is account_credentials) and I have built a request to get the oAuth token (which is working), then a request to add a registrant to an existing meeting (which is returning the Code 124 error). I have checked the token format, scope, etc. and it all looks right to me so I am not sure why the API is returning this error.

I have my Postman Collection with the 2 queries saved off that I can provide to you (not here) and I can give you my Zoom account login credentials too if you need them (again not here). Please reach out to me and let me know how I can get these to you securely.

{ “code”: 124, “message”: “Invalid access token.” }

How To Reproduce
You will need my Postman Collection file which will make this super easy to illustrate the issue.
Then run the 1st query to get an oAuth2 token from my oAuth server-to-server app.
Then run the 2nd query with that oAuth2 token to TRY and add a registrant to an existing meeting.
Then you will see the error…

Any help you can give me would be GREATLY appreciated - I am been trying to get this working for 2 days now.

Thank you in advance - Mark

Hi @mbeede ,

Please try with our Postman workspace to double check you’re generating the token correctly:

Then try your token with a simple endpoint like Get a Meeting.

Please let me know if you notice any difference in token generation!

You can also try using this sample app: Postman

Thank you for the quick reply. Same exact results with a simpler Rest API call.

First it gets the oAuth Token:

Then I call the REST API endpoint to just get an existing meeting that I have…

Results in the same error.

Here is the entire oAuth token (which will expire shortly, but it shows the format of it)

{“access_token”: “eyJzdiI6IjAwMDAwMSIsImFsZyI6IkhTNTEyIiwidiI6IjIuMCIsImtpZCI6IjZkNzk2NWZhLTg2NDEtNDc5Yy1iMmVlLTJjNGRkZjUwNzQ2ZSJ9.eyJhdWQiOiJodHRwczovL29hdXRoLnpvb20udXMiLCJ1aWQiOiJYSERrTUtQeVNVS0t2a2J4eXdrM013IiwidmVyIjo5LCJhdWlkIjoiZmI1OWNjNjNmYWM3ODA5MDY1ZTQ2OTY1YWM5NzYzMGMiLCJuYmYiOjE2OTUzMTg3NzEsImNvZGUiOiJkaW41VjFKalRMMmFsRWgzaDlMUVZnbHFRT3ExTXFXTksiLCJpc3MiOiJ6bTpjaWQ6Ujk5cUR2aHdRRldCSTFCclVxR2ZYQSIsImdubyI6MCwiZXhwIjoxNjk1MzIyMzcxLCJ0eXBlIjozLCJpYXQiOjE2OTUzMTg3NzEsImFpZCI6Imo2WDFjMTU2VHM2NEVrNFBZcTJzaFEifQ.76uGnJUxTmP0j-N_w9Lli08MsllUVro2ng57UD2uiENvGfVntzem2jdb1pXIohITaop4JXrntgqiu0JiX3Payg”,“token_type”: “bearer”,expires_in": 3599,“scope”: “meeting:read:admin meeting:write:admin”

Does this shed any light on what’s going on here?

@mbeede ,

When calling the REST API enpoint, you just need the access_token portion of it in postman


YES, that worked for Postman. Now I need to get my actual REST API call to add a registrant to an existing meeting working. I am getting the same error 124 with this POST:


I tried the token snippet you suggested above in this REST API call too but that resulted in a Code 124 error.

Here is the entire oAuth access token I get back from the Zoom token call:

“token_type”: “bearer”,
“expires_in”: 3599,
“scope”: “meeting:read:admin meeting:write:admin”

So what part(s) of the token do I need to pass into the “registrants” REST API?
Or do you see anything else wrong with this?

Thanks in advance, Mark

You just need to pass
‘Authorization’ => 'Bearer ’ . ‘eyJzdiI6IjAwMDAwMSIsImFsZyI6IkhTNTEyIiwidiI6IjIuMCIsImtpZCI6IjEwNzZkNDRkLTY5YmQtNGNlOC1hZDRlLTYxOGIxYWUxYzYxNiJ9.eyJhdWQiOiJodHRwczovL29hdXRoLnpvb20udXMiLCJ1aWQiOiJYSERrTUtQeVNVS0t2a2J4eXdrM013IiwidmVyIjo5LCJhdWlkIjoiZmI1OWNjNjNmYWM3ODA5MDY1ZTQ2OTY1YWM5NzYzMGMiLCJuYmYiOjE2OTUzOTU2MDYsImNvZGUiOiJydWNxcWdlelEweVJLTDVxMFRfcFRRSktMajM1dkFNVEgiLCJpc3MiOiJ6bTpjaWQ6Ujk5cUR2aHdRRldCSTFCclVxR2ZYQSIsImdubyI6MCwiZXhwIjoxNjk1Mzk5MjA2LCJ0eXBlIjozLCJpYXQiOjE2OTUzOTU2MDYsImFpZCI6Imo2WDFjMTU2VHM2NEVrNFBZcTJzaFEifQ.lDq39wFUZWnyHbOC1Bsb6_NRJItJgNMwp9HnqoaYSNSfVq8wf-YOUqgxXxA8k0OV1SRKGfGT4rreLef0FXWr6Q’,
in headers like this , for you above token

So I passed just the token part into that “registrants” POST:


And now I am getting this error:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> 300 Request Body should be a valid JSON object.

I tried a few other things like adding the " " and { } etc. and back to the code 124 error.

Can you show me exactly what I need to pass as the token into that API call?
I’m still not getting it right?

THANK YOU for your help on this! - Mark

sorry for the confucion i copied that from php you need to remove ‘’ from above statement it will be like this ‘Authorization’ => ‘Bearer yourtokenvalue’

This still isn’t working in Postman. Let’s back up.

First I called this REST API endpoint:
https://zoom.us/oauth/token?grant_type=account_credentials&account_id=[my account id]

It returns this oAuth Token:
“access_token”: “eyJzdiI6IjAwMDAwMSIsImFsZyI6IkhTNTEyIiwidiI6IjIuMCIsImtpZCI6IjBjYWQ4Mjg1LTc3NGUtNDZhOS04YWViLThmNWNlZTc4OTU0NyJ9.eyJhdWQiOiJodHRwczovL29hdXRoLnpvb20udXMiLCJ1aWQiOiJYSERrTUtQeVNVS0t2a2J4eXdrM013IiwidmVyIjo5LCJhdWlkIjoiNmJlYjM5MDNiYTQyY2YzZjRkMTUzZTM4MjgwM2I3OWEiLCJuYmYiOjE2OTU0MjE2OTYsImNvZGUiOiJUTU15ZkQ2UVRjLUJHQm13ZGVyOUxnVmR4aWVSMEFOSkgiLCJpc3MiOiJ6bTpjaWQ6Ujk5cUR2aHdRRldCSTFCclVxR2ZYQSIsImdubyI6MCwiZXhwIjoxNjk1NDI1Mjk2LCJ0eXBlIjozLCJpYXQiOjE2OTU0MjE2OTYsImFpZCI6Imo2WDFjMTU2VHM2NEVrNFBZcTJzaFEifQ.kz-vmFH_Ee-Hy-VT0-dA3ayL4pzssXhebu1nw__9tRcP-2pEzngfS2sDWdW9W08tUTKqKwJFtV1-joGpg51LtQ”,
“token_type”: “bearer”,
“expires_in”: 3599,
“scope”: “meeting:write:admin”

Second I called the REST API endpoint to add a registrant to a meeting:
https://api.zoom.us/v2/meetings/83846190134/registrants?email=test@test.com&first_name=Mark&last_name=Brown&country=US&phone=303-111-2222&org=ABC Compaany&job_title=IT

AND I passed that entire oAuth Token with it. That results in a Code 124 error
Then I tried passing just the token string “eyJ…LtQ” same error code
Then I tried combinations of the oAuth Token parts same error code

Please show me EXACTLY what I need to paste into the “Token” input field in Postman to get this REST API call to work. I can’t seem to get it.

Thank you once again in advance…

@mbeede ,

this is how it should look like on postman

For your case, it should just need


Do make sure you have the correct scope to access the APIs as well

Ok - So if I call the “meetings” API that works. But when I call the “registrant” API (the one I need) and plug in just the token I get this error:

Which was why I was thinking that I needed some more pieces of the oAuth token to be included for that API call. So can you help me with this error?

The other parts of the oAuth token when I created it (including the scope) are:

"token_type": "bearer",
"expires_in": 3599,
"scope": "meeting:write:admin"

Your API documentation for adding a registrant says the required scopes are:
SCOPES: meeting:write:admin, meeting:write.

When I setup the scope there is no option for “meeting:write”.
Just “meeting:write:admin” but I THINK that includes “meeting:write” by default doesn’t it? Or is that an issue?

Please advise - Mark


I see that in your postman’s request, it is in the querystring.
For adding meeting registrant. you will need to enter the details in the body.

Do check out Zoom Meeting API for the fields

FINALLY - That did the trick. Thank you for all of your help.

And I got the REST API call working in PHP too. Here is the code in case anyone else needs it:

Method: sendZoomAddRequest
Purpose: Adds the new registrant to an existing meeting in ZOOM
Params: $endPoint: The part of the URL after “https://api.zoom.us/v2
$postFields: The registrant data that needs to be posted to ZOOM
$token: The OAUTH2 TOKEN
Return: The response back from the ZOOM API call
function sendZoomAddRequest($endPoint, $postFields, $token)
// Specify request URL
$url = ZOOM_API_BASE_URL . $endPoint;

// Specify request header (we just need the oAuth code itself so parse it out)
    $tokenTrim = substr($token, strpos($token, ":") + 2);
    // error_log(print_r("TOKEN: " . $tokenTrim, true));
    $tokenCode = substr($tokenTrim, 0, strpos($tokenTrim, "token_type") - 3);
   // error_log(print_r("TOKEN: " . $tokenCode, true));
   $header = array("Authorization: Bearer " . $tokenCode, "content-type: application/json");
   // error_log(print_r("HEADER: " . implode(" | ", $header), true));

// Setup CURL for the REST API call
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($postFields));
$response = curl_exec($curl);
error_log(print_r("RESPONSE: " . $response, true));
return ($response);


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.