test.asdc.cc

Multi-app Zoom utility endpoint. Add each Zoom app to /var/www/test.asdc.cc/zoom-app-clients.json, keyed by its client ID.

Some of these utilities may also be implemented on nodejs.asdc.cc as the shared Node.js service is expanded.

Webhook Receiver

OAuth Redirect

Use this redirect URL in the Zoom app OAuth settings:

https://test.asdc.cc/redirecturlforoauth?type=user&clientid={clientid}

The callback exchanges Zoom's code with the matching client secret from the JSON registry. It stores the latest access token and refresh token in a private local token store indexed by:

Retrieve a valid access token with:

GET /accesstoken?cid={cid}&aid={aid}&uid={uid}

If the stored access token is expired or close to expiry, the service uses the stored refresh token to request a new access token and refresh token, then overwrites the old stored record.

S2S Access Token API

Generate a one-off Server-to-Server OAuth access token with:

GET /s2s/token?clientid={clientid}&clientsecret={clientsecret}&accountid={accountid}

The accountid value is sent to Zoom as account_id. The token response is returned directly and is not stored.

Generate a one-off client credentials access token with:

GET /clientcredentials/token?clientid={clientid}&clientsecret={clientsecret}

This calls Zoom with grant_type=client_credentials. The token response is returned directly and is not stored.

Use this flow for Marketplace app-owned scopes that require the client credentials grant.

Deauthorization

Use this URL as the Zoom app Deauthorization Notification Endpoint:

https://test.asdc.cc/deauthorize

When Zoom sends app_deauthorized, the service deletes the stored OAuth token record matching:

Deauthorization payloads are not appended to the public webhook log.

SDK Signatures

Health

Check service status with GET /health.