Zoom removing ability to set, refresh and revoke tokens in URL query parameters #250
Ralpharama
started this conversation in
General
Replies: 2 comments 1 reply
-
|
I received the same email yesterday, only 5 days before the deadline! Fortunately, I noticed the announcement last month buried in this page. I implemented the necessary change in #243 and it was released in ZoomNet 0.52.0. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Phew! Great thanks, I'd better upgrade to 0.52.0! |
Beta Was this translation helpful? Give feedback.
-
|
Zoom just announced they are postponing this breaking change until February 2023. This gives you a few more weeks to upgrade to ZoomNet 0.52.0 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm sure you are on this but I just thought I'd re-post an email from Zoom I got today about an API update taking effect on the 19th Nov 2022. Just in case ZoomNet sends tokens as query params!
Ralph
Zoom API Security Update
Dear customer,
As a part of our continuing efforts to improve the security of Zoom OAuth App Types using Authorization flow, we are removing the ability to set the access tokens, refresh tokens and revoke tokens in the URL query parameters. This change will take effect on November 19th, 2022. It is strongly recommended that you update your API calls to set the token values in the Authorization header and not the HTTP query parameters. Failure to do so will result in rejected API calls and a reduced functionality for your application. If you are not the technical point of contact, it is strongly recommended that you forward this message to the appropriate party.
https://marketplace.zoom.us/docs/guides/stay-up-to-date/announcements/#support-for-x-www-form-urlencoded-content-type-headers
Beta Was this translation helpful? Give feedback.
All reactions