cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

API Revoke - Multiple Tokens Bug

kwoods
Listener

‎2023-08-10 04:15 AM

Scenario:

Single user multiple access tokens.

 

When I call the revoke endpoint with an access token then all the user's access tokens become invalid.

 

example:

RESP=$(curl -X POST https://zoom.us/oauth/token -d 'grant_type=account_credentials' -d "account_id=$ACCOUNT_ID" -H 'Host: zoom.us' -H "Authorization: Basic ${BASIC_CRED}")

echo "RESP - $RESP"

AT=$(echo $RESP | jq -r .access_token)

echo "AT - $AT "

C_CHAN=$(curl -X POST https://zoom.us/v2/chat/users/me/channels -H 'Content-Type: application/json' -H "Authorization: Bearer ${AT}}" -d '{  "name": "KEY-1234", "type": 3}')
echo "Created $C_CHAN"

C_CHAN_ID=$(echo $C_CHAN | jq -r .id)

# get 2nd access token

RESP_2=$(curl -X POST https://zoom.us/oauth/token -d 'grant_type=account_credentials' -d "account_id=$ACCOUNT_ID" -H 'Host: zoom.us' -H  "Authorization: Basic ${BASIC_CRED}")

AT2=$(echo $RESP_2 | jq -r .access_token)

#REVOKE FIRST TOKEN

curl -X POST https://zoom.us/oauth/revoke -d "token=${AT}" -H 'Content-Type: application/x-www-form-urlencoded' -H "Authorization: Basic ${BASIC_CRED}"
echo "AT2 - $AT2"

# send message with 2nd token
curl -X POST https://zoom.us/v2/chat/users/me/messages -H 'Content-Type: application/json' -H "Authorization: Bearer ${AT2}}" -d "{ \"message\": \"message \", \"to_channel\": \"$C_CHAN_ID\" }"

#FAILS 😞

Topics:
0 Likes
1 REPLY 1

VA
Zoom Moderator
Zoom Moderator

‎2023-08-14 10:45 AM

Hi @kwoods and welcome to the Zoom Community! I'm sorry you haven't received an answer to your question yet. You may want to ask over in our Developer Forum, they will be better able to help!


Virginia (she/her/hers)
Zoom Community Team
Have you heard of Zoom AI Companion?
0 Likes