Question
People commonly ask on the Zoom Developer Forum:
Why does calling GET https://api.zoom.us/v2/users/{userId} with a token from grant_type=client_credentials return “This API does not support client credentials for authorization”? My user‑managed General App has user:read:user in scopes, but the token only includes marketplace:* and imchat:userapp. Do I need a different app type or a different auth flow to read user data?
Answer
The Users APIs require a user-authorized OAuth access token, not a client-credentials token. Tokens obtained from POST https://zoom.us/oauth/token with grant_type=client_credentials are intended for marketplace/webhook/chat use and won’t work on Users endpoints, which is why you see: { "code": 124, "message": "This API does not support client credentials for authorization." }.
To fix this:
- Use the Authorization Code flow for your user-managed app:
- Redirect the user to authorize your requested scopes (e.g.,
user:read:user). - Exchange the authorization code at
https://zoom.us/oauth/token(authorization_codegrant) to get a user-authorized access token. - Call GET
https://api.zoom.us/v2/users/me(use the me keyword) to fetch the installing user without needing their userId.
- If you must read other users on the account:
- Make the app admin-managed or use account-level auth (e.g., Server-to-Server OAuth).
- Request admin scopes such as
user:read:admin, then call GEThttps://api.zoom.us/v2/users/{userId}.
Zoom Developer Forum Examples
Some examples of this question are:
