Hi Team,
We are trying to fetch the ZoomPhone call recordings using the Admin’s access token, but we are getting 401.
The app we have developed is Account Level - OAuth app
We are using the valid access token to fetch the recording (admin users access token)
Please me know if need to any specific information about the call to debug the case.
Hi @phonebridge-integ
Thanks for reaching out to us, I am happy to help here!
Could you please share with me what endpoint are you trying to reach?
and what error are you getting?
Thanks @phonebridge-integ
Could you please share with me what error are you getting? or what issue are you running into?
Hi Team,
Apologies for the delayed response.
Please find the complete details below,
Request URL : https://zoom.us/v2/phone/recording/download/x-dKp4gTQNKGwYzC9MVD0A?access_token={{ACCESS_TOKEN} }
HTTP Status Code : 400
Response Body : {“code”:401,“message”:“Invalid access token, this access token is not supported as query parameter string.”}
FYI : The access token sent in the request is newly created access token.
Hi Team,
Could we get any updates for the above issue.?
Hi @phonebridge-integ
Thanks for reaching out to us
We recently made some changes to the way we handle access_tokens and those should not be passed down as a query parameter anymore
As a part of our continuing efforts to improve the security of Zoom OAuth App Types using Authorization flow, we are removing the ability to set the access tokens, refresh tokens and revoke tokens in the URL query parameters. This change will take effect on February 2023. It is strongly recommended that you update your API calls to set the token values in the Authorization header and not the HTTP query parameters. Failure to do so will result in rejected API calls and a reduced functionality for…
In your request, try to pass this value in your authorization headers, as Bearer token
Hello @elisa.zoom ,
We have made the required changes at our end. We are passing the token in header and param as well.
Do we need to remove the token from the param itself.?
Hi Team,
I am writing code in nestjs. And for downloading phone call recording I have used res.redirect() with res.header(‘authorization’, ‘bearer token’);
but getting error
{
“code”: 124,
“message”: “Access token is required.”
}
hi @mshanmugam145
How are you generating the access token that you are passing in your request?
I have created server-O-auth app in zoom market place and using this
type or paste code here
https://zoom.us/oauth/token?grant_type=account_credentials&account_id={account_id}
const headersRequest = { Authorization: `Basic ${basicToken}` };
These are the API request I am sending and I am getting access_token. → This is working fine.
But For downloading zoom call recording -
When I directly call that download_url with bearer token → working fine in postman.
But If I used in our application to download that - please find the below code for ref.
Controller:
@Public()
@Get('phone/recording/:id')
async redirectToAudioFile(
@Res() res: express.Response,
@Req() req: express.Request,
@Param('id') id: string,
) {
const audioUrl = https://zoom.us/v2/phone/recording/download/{id}
// here I am using the above generation of token --> working fine.
const { access_token } = await this.zoomService.getAuthToken();
// res.header('Authorization', `Bearer ${access_token}`);
// res.header({ Authorization: `Bearer ${access_token}` });
// res.set('Authorization', `Bearer ${access_token}`);
// res.set({ Authorization: `Bearer ${access_token}` });
// res.setHeader('Authorization', `Bearer ${access_token}`);
// console.log(res);
// req.('Authorization', 'Bearer my_token');
res.removeHeader('Authorization');
res.header('Authorization', `Bearer ${access_token}`);
res.redirect(303, audioUrl);
}
When I hit this request in postman - getting this below error
{
“code”: 124,
“message”: “Access token is required.”
}
Make sure that you are passing the access_token as a bearer token in your authorization method in postman
You can refer to this post here:
How to use our Server-to-Server OAuth with Postman?
As some of you might be aware of, our JWT app is being deprecated by June 2023 and we encourage you to migrate to the newly introduced Server-to-Server OAuth App
That being said, here is a quick and simple guide on how to use or new app with Postman
As stated in our documentation here:
This new app type facilitates OAuth-authenticated requests between servers without end-user involvement. And this grant type enable your private server a…
Access_token generation is working.
Working scenarios - If I directly send a request in postman
URL - https://zoom.us/v2/phone/recording/download/2VHN0SLpThmOFEp84HNVDQ
Authorization - "Bearer token"
Not working —
@Public()
@Get('phone/recording/:id')
async redirectToAudioFile(
@Res() res: express.Response,
@Req() req: express.Request,
@Param('id') id: string,
) {
const audioUrl = https://zoom.us/v2/phone/recording/download/{id}
// here I am using the above generation of token --> working fine
const { access_token } = await this.zoomService.getAuthToken();
res.header('Authorization', `Bearer ${access_token}`);
res.redirect(303, audioUrl);
}
Here I am using redirect with res.header(). As per my understanding,this res.header() this is not appending with res.redirect().
Hi @mshanmugam145
Can you share with me what endpoint are you using to get the call recording?
are you using this endpoint?
Hi @elisa.zoom
https://zoom.us/v2/phone/recording/download/{rec_id}
e.g:
https://zoom.us/v2/phone/recording/download/2VHN0SLpThmOFEp84HNVDQ
This url is coming from the event that whenever “phone_call_recording_completed”
triggered and within the payload as “download_url”
Thanks,
Shanmugam
You will have to generate an Oauth access token and pass it as the bearer token to download the recording.
The download_token included in the webhook response expires within 24 hours
Hi @elisa.zoom ,
This below API is used to get the access token for authorization header.
https://zoom.us/oauth/token?grant_type=account_credentials&account_id={account_id}
const headersRequest = { Authorization: Basic ${basicToken}
};
Is this correct ?
Thanks,
Shanmugam
Here is a link to our Docs on how to generate an access token using Server to Server
Hi @elisa.zoom ,
Yes I am using this one only for generating “access_token”.
Everything looks correct, here
res.header('Authorization', `Bearer ${access_token}`);
res.redirect(303, download_url);
In this redirect, this header authorization is not accepting in ZOOM.
This is actual issue. Bcoz the error I am getting as
{
“code”: 124,
“message”: “Access token is required.”
}
This means that zoom not getting token.
I am coding in nestJs.
Please let me know if your getting my issue/problem.
Thanks,
Shanmugam.