0

I have been working on integrating Zoom video conferencing API in my web application. By using OAuth and authorizing my application to Zoom, I have got an authorization code which can be used to get access token from Zoom to make subsequent API requests. I am sending a node request to https://zoom.us/oauth/token endpoint according to this documentation for getting access token.

I don't have any idea why they are using zoomcallback as their endpoint. Below is the code to send a request to get access token:

router.get('/zoomcallback', function(req, res) {

    const zoomtokenep = "https://zoom.us/oauth/token";
    const myappredirect = "https://myapp.io/zoomcallback";

    if (req.query.code) {
        var auth = "Basic " + new Buffer(zoomclientid + ':' +
            zoomclientsec).toString('base64');
        var url = zoomtokenep + '?grant_type=authorization_code&code=' +
            req.query.code + '&redirect_uri=' + myappredirect;
        request.post({
            url: url,
            headers: {
                "Authorization": auth
            }
        }, function(error, response, body) {
            if (error) {
                console.log("Error when getting Zoom token = " + error);
                return;
            }
            body = JSON.parse(body);
            if (body.access_token) {
                accessToken = body.access_token;
                refreshToken = body.refresh_token;
                // Process and securely store these tokens
            } else {
                console.log("FATAL - could not get zoom token");
            }
            return;
        });

    } else {
        console.log("Missing code from Zoom");
    }
    });

This is the successful response against this request:

{
  "access_token": "5kwaMOrdEFWx1jYVK8qg80cImPYBA83Zff",
  "token_type": "bearer",
  "refresh_token": "Ggf2816C5ANa6XVplzO8vwE6IRIXtjvE",
  "expires_in": 3599,
  "scope": "meeting:write user:read recording:write webinar:write"
}
Tomerikoo
  • 18,379
  • 16
  • 47
  • 61
Umar Raza
  • 211
  • 1
  • 6
  • 19
  • How is this related to PHP? – M. Eriksson Jul 25 '19 at 13:37
  • Actually my project is in laravel. But, i have to integrate node with it to get access token in order to make api call for zoom resources. – Umar Raza Jul 25 '19 at 13:44
  • Why don't you just call their API in PHP directly? Either way, only add tags that are directly related to your issue. Since your issue here is your js-code, the PHP tag is irrelevant – M. Eriksson Jul 25 '19 at 14:06

1 Answers1

3

You are misunderstanding the flow here. The flow of any external auth provider is:

  1. Click some button, to REDIRECT to THEIR(in your case, zoom) login page.
  2. User provides username and password there and logs in, then the auth provider(i.e zoom) redirects to YOUR APP with a access code.
  3. Now, your app will decrypt or make sense of the access code and get auth code(of some sort) FROM that access code. And use the auth code with all the REST api requests.

Now, Here, 2nd point is where the /zoomcallback comes in. You need to set in your ZOOM dashboard where it will redirect. In the tutorial the provided /zoomcallback but it may be anything.

Basically, you need a route where zoom will redirect TO, where you will get the auth token and use that in Apis.

Aritra Chakraborty
  • 12,123
  • 3
  • 26
  • 35
  • You can also use a Zoom JWT App Token in place of an access token (as the Authorization Bearer) if you intend to only use the Zoom API for your own Zoom account. Zoom JWT Docs: https://marketplace.zoom.us/docs/guides/authorization/jwt/jwt-with-zoom Related answer: https://stackoverflow.com/a/56282015/6592510 – tommygaessler Jan 29 '20 at 21:41