C# JWT token invalid

nvanderson · September 19, 2019, 10:15pm

I am having an issue with token, the error is invalid token.
Please help.

string key = "MY_Key";
             

                var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
                var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
                var header = new JwtHeader(credentials);
                var payload = new JwtPayload
                   {
                        { "iss", "my_API"},
                      { "iat", DateTimeOffset.Now.ToUnixTimeSeconds() },
                       { "exp", DateTimeOffset.Now.ToUnixTimeSeconds() + 1400 },
                   };
                        
                var secToken = new JwtSecurityToken(header, payload);
                var handler = new JwtSecurityTokenHandler();

                var tokenString = handler.WriteToken(secToken);

                Console.WriteLine(tokenString);
               
                var token = handler.ReadJwtToken(tokenString);

                Console.WriteLine(token.Payload.First().Value);
          
                RestClient client = new RestClient();
                client.BaseUrl = new Uri("https://api.zoom.us/v2");
           
                RestRequest request = new RestRequest("/users", Method.GET);
                request.AddHeader("Authorization", "Bearer " + tokenString.ToString());
               
                request.AddHeader("User-Agent", "Zoom-api-Jwt-Request");
                request.AddHeader("Content-Type", "application/json");
                var response = client.Execute(request);
                Console.Write(response.StatusCode);

ojus.zoom · September 19, 2019, 10:31pm

Hi @nvanderson,

Welcome to the Zoom Developer Forum. We are happy to help you.

If you are using the windows SDK, then there are two types of Authentications that you need to do within your implementation:

SDK Authentication
JWT Authentication

To do the SDK Authentication, you would need the SDK API key and secret. To get the SDK key and secret, please visit https://marketplace.zoom.us/docs/sdk/native-sdks/preface/sdk-keys-secrets. The SDK authentication is necessary for Zoom to allow you to use our SDKs.

JWT Authentication: If you need to do JWT authentication, please refer to the example mentioned here: https://github.com/zoom/zoom-sdk-windows/blob/45f58efe46cab9af80e2d9a7f24a1893e75a34c9/demo/sdk_demo_v2/zoomHmacSHA256.cpp. Even though this code is not written in C#, it is based on the same logic.
The JWT token enables you to use our APIs. To find a list of all our APIs, please visit: https://marketplace.zoom.us/docs/api-reference/introduction

To generate a JWT token, please ensure that you are using the correct API key/secret, not SDK key/secret
Please refer to this sample code for generating JWT tokens in our Windows demo app: https://github.com/zoom/zoom-sdk-windows/blob/45f58efe46cab9af80e2d9a7f24a1893e75a34c9/demo/sdk_demo_v2/zoomHmacSHA256.cpp

I hope this helps.

Thanks

nvanderson · September 20, 2019, 12:13am

Yes I followed the links, unfortunately they did not solve my problem.

@michael_p.zoom can you take a look here?

tommy · September 20, 2019, 5:25pm

Hey @nvanderson,

Can you try hard coding the JWT token from your Zoom App Dashboard and see if the error goes away?

request.AddHeader("Authorization", "Bearer JWTTOKEN");

If it works, that would mean your JWT generation code is not working properly.

Thanks,
Tommy

nvanderson · September 20, 2019, 5:43pm

Yes, the hard-coded value works. I am trying to figure our what is wrong the token generation…?!

tommy · September 20, 2019, 7:30pm

Hey @nvanderson,

I am no expert in C#. You can try using one of the .net libraries here to generate the JWT.

Also check out this stack overflow question about how to generate a JWT in C#

Thanks,
Tommy

nvanderson · September 23, 2019, 7:03pm

Finally figure it out…

tommy · September 23, 2019, 7:04pm

Happy to hear @nvanderson

If you don’t mind, could you post the solution so if others have trouble they can see how you fixed it?

Thanks,
Tommy

nvanderson · September 23, 2019, 7:24pm

According to this https://marketplace.zoom.us/docs/guides/authorization/jwt/jwt-with-zoom
only 2 parameters are needed inside the playload.
{ “iss”: “API_KEY”,
“exp”: 1496091964000
}

However, 4 are needed
string s =null;
like this { aud = s, iss = Key, exp = secondsSinceEpoch, iat= NowsecondsSinceEpoch };

tommy · September 23, 2019, 7:27pm

Thanks for posting this @nvanderson!

jtuschman · April 7, 2020, 2:16pm

Hi Sr,

I was trying to reproduce the authorization process by testing with the JWT token and I got Unauthorized because an Invalid access token:

The token was taken from the test kwt on app info

Any help will be appreciatte.

tommy · April 7, 2020, 9:24pm

Hey @jtuschman,

Please see my post here:

Thanks,
Tommy

jtuschman · April 7, 2020, 9:27pm

I did that but it did not work., even tho, I re-generated a new key and it did not work as well

nvanderson · April 7, 2020, 9:39pm

Did you include today’s date and token exp.date in Unix format?

jtuschman · April 7, 2020, 9:48pm

Actually I’m testing with the JWT token that you provided me on my app JWT dashboard, this JWT token need to be necessary to know if the authorization is granted. And this one did not work either

Best,
Jason

jtuschman · April 7, 2020, 9:50pm

Actually I read another post:

where this issue is occurring since last days… so maybe is related to my concern, I’m just want to validate and check where it could be solved

tommy · April 8, 2020, 7:47am

Hey @jtuschman,

Yes, this is a caching issue, can you please try again tomorrow?

Thanks,
Tommy

Fitpass · April 13, 2020, 8:30pm

I’m using the JWT as provided by the Zoom page “credentials” for my Marketplace app.

I am trying the token using the Curl code as provided by the Zoom page at https://marketplace.zoom.us/docs/guides/auth/jwt :

curl --request GET \
  --url 'https://api.zoom.us/v2/users?status=active&page_size=30&page_number=1' \
  --header 'authorization: Bearer 39ug3j309t8unvmlmslmlkfw853u8' \
  --header 'content-type: application/json

(I simply replace “39ug3j309t8unvmlmslmlkfw853u8” with my JWT token as provided by the Zoom web page “credentials” for my app)

I receive the error message "Invalid access token."

Please help.

nvanderson · April 14, 2020, 1:00am

I think you need to include exp.date and todays date, so

4 total parameters are needed

string s =null;

like this { aud = s, iss = Key, exp = secondsSinceEpoch, iat= NowsecondsSinceEpoch };

Fitpass · April 14, 2020, 2:50am

Thanks - I’ll give it a go, and I really do appreciate your reply.

But I’m using the JWT as created by the Zoom page, so surely Zoom will include any params that Zoom requires? I’m not creating the JWT using my own code (yet).

If my own JWT code works, I’ll update you here.

Either:

the Zoom page is giving me a bad JWT token, or…
the Zoom API is incorrectly rejecting my JWT token

Topic		Replies	Views
How to create JWT token using REST api in c# API and Webhooks	47	22922	January 11, 2021
JWT token creation in asp.net API and Webhooks	2	768	August 21, 2020
Getting Invalid Access Token for token I took from credentials page API and Webhooks	4	996	August 21, 2020
JWT app returns "invalid token" API and Webhooks	26	3923	July 30, 2020
I'm Creating JWT.After Creating JWT Getting api error API and Webhooks	4	812	October 19, 2020

C# JWT token invalid

Related Topics