We are seeking technical clarification regarding the upcoming Meeting SDK authorization changes scheduled for March 2026. We need to verify our interpretation of the new requirements to finalize our system’s architecture.
- Current Implementation (As-is)
Our platform integrates the Zoom Meeting SDK with the following model:
Host/Organizer: Integrates their Zoom account via OAuth and creates meetings via API.
Participants: Join the session via an Embedded Web Meeting SDK UI (a browser-based experience without launching the Zoom client app).
Current Auth: We use SDK JWT, allowing participants to join anonymously without signing into a Zoom account.
- Impact Interpretation
Our understanding is that after March 2, 2026, the current “SDK JWT only” method will be rejected for any attendee joining a meeting hosted by another user. Consequently, our current embedded browser-based join flow will cease to function.
Is this interpretation correct?
- Specific Questions on Transition Paths
We are evaluating two transition paths. Could you please confirm if our interpretations (A, B, and C) are correct?
Case 1: Using OBF (On Behalf Of) Tokens
Q-A (Participant Account): By using OBF tokens derived from the Host’s OAuth grant, will participants still be able to join via our Embedded Web SDK UI without having their own Zoom accounts (maintaining an anonymous-like experience)?
Q-B (Chaperone Rule): Is it correct that the authorizing user (the Host) must be present in the meeting when using OBF tokens? If the Host is not in the session, will SDK-based participants be blocked from entering or be disconnected?
Case 2: Using Participant’s Own ZAK Token
Q-C (Bypassing Chaperone Rule): If a participant has their own Zoom account and joins the session via our Embedded Web SDK UI using their own ZAK Token, will they be exempt from the Chaperone Rule? In other words, can they join and remain in the meeting even if the Host is absent?
We would appreciate any insights from the Zoom team to ensure our redesign is compliant with the new security requirements.
Thank you.