Clarification on the new developer site


Since Zoom has migrated to the new developer site, I went into it and checked for all the old stuff that would need to be configured in order to stay up to date with Zoom. A little background: I am doing API integration using JWT token only and our site does not want to release any app specific to the marketplace, just normal integration with Zoom products through the API.

A couple things that I noticed that I need some clarifications. I see that things like JWT token, old webhook, OAuth, etc… are now listed as an app within the portal and they are account level instead of users. Upon them, there are a few things that confuse me:

  • The first is the webhook. I have 1 webhook added through the API previously and now it was migrated into legacy webhook app with all the correct information. However, in the list, it said that “This webhook only app contains the old version of events, which are about to expire. Please recreate the webhook only app and use the new version of events.” So does that mean this old webhook will be gone away in the near future and when will that happen?

  • Second, I added the new webhook app with similar information to the old one. However, this new one does not have a way to specify webhook username and password, only gives me the Verification Token that can be regenerated like the API token. So does that mean for new webhook, I will have to use the token instead of predefined username/password?

  • Third, how is this new webhook app can be retrieve from the API and modify using the existing API? When I use the API endpoint to list webhook (, it only gives me the old webhook and nothing indicate the new webhook.

  • Fourth, I asked before about the reason why we cannot have multiple webhook endpoints when adding through the API. Our sale rep responded to back to me with the answer from the engineer team that because of DDOS issue, Zoom does not allow to have multiple endpoints. I believe that answer is not correct in some aspects. Now, within the new dev site, I can add multiple webhook apps and point to different endpoints. At that point, how does that even work with the API and the whole webhook system? Will Zoom try to send the message through each webhook app or there are the limit on the amount of webhook app you can have? In addition, I remember in the marketplace, initially, Zoom had a way to specify 2 webhook endpoints for an app, one for production and one for development? Is that apply to this type of webhook app or is it something else?

  • Fifth, in the JWT app, there is a new section that I think it is refer to webhook stuff. How is that tying with the webhook and how does it work?



Great questions!!

I’d be glad to answer them for you! :slight_smile:

This phrasing is going to be changed, we realize it is not super clear. These will stop functioning in the future but not until the end of Q2 at the earliest. I would recommend you start moving soon but you have some time.

Yes, you will need to use the token when switching to the new webhook framework. We have found this is easier to use and most developers prefer this method.

We are looking to add support for the newer webhook versions to the API but at this time they are not supported. We will make this more clear in the documentation, thanks for brining this to our attention.

We will be bringing multiple webhook-only “apps” to the marketplace in a future update, but I don’t have a clear timeline but I would expect it to be before the end of the year at the latest.

I’m not sure where this is, could you please link a screenshot so I can make sure to answer the question accurately?

Let me know if you have any additional questions! :slight_smile:



Hi Tim,

Thanks for the answers.

So for the JWT app, there is a Feature setting in it where it allows me to specify a webhook property. I have attached the screenshot for that setting here.

After going through the new dev site, I have noticed a couple things that I would like to note here:

  1. If I add the webhook type app, it does not send any webhook event to that endpoint. However, if I add the webhook information to the Feature setting of the JWT app, then it works properly. So either the webhook app has not been turn on or it is something else different that what I imagine. Does “webhook-only apps” different compared to the webhook that I have been using from the API?
  2. Since I still have access to the old legacy webhook, it is possible to have Zoom to send the webhook event using the legacy setting and the new webhook setting, which basically means I can have at most 2 webhook endpoints. However, the event payloads are very different from one setting compared to the other.

In addition, I would like to know if you guys will put out notice on the legacy webhook deprecation before the actual removal date so I can prepare our integration to switch over to use the new setting instead?




Hi @Thai_Nguyen,

The Webhook only apps will feature additional event types that the old developer site does not have. Also, it should be working, were you able to activate the webhook app?

Right now its not possible, it’s best best to migrate off the legacy webhook as soon as possible.

As soon as we have a date we will notify all developers within 30 days of deprecating the legacy webhook.




I understand the different between the new app style webhook vs the legacy webhook. My confusion is that there are two different things about the new webhook that in both the JWT app as well as the separate webhook app. I had verified that both contain same settings and you can see in the screenshot that the Feature page contains the token part which indicates that is belonging to the new webhook. However, the only thing that works for me was within the JWT app, and not the webhook app (I did activate it and made sure it was there with all the correct configuration as well as only used one at a time or set a different endpoint to monitor).

I also can confirm that I can receive both legacy webhook event payload and new webhook event payload by assigning different endpoint within the JWT app and the legacy webhook config. Not sure if that is unintended because of the transition from the old dev site to the new site.



Thai, I’ll be meeting with you on Friday. Looking forward to chatting! :slight_smile:



Hi @tim.slagle @Thai_Nguyen

Can anyone of you please clarify the differences between the new webhook app and the webhook under the JWT’s feature?



After some experience with them, I believe they are the same. In the JWT case, it is mostly for convenience where you would only need one endpoint for your webhook listener. If you need more than one endpoint, then the webhook app is needed. Based on my testing, I can at least create at the minimum 2 endpoints using the webhook app. Initially, I would have to regenerate the token every time I made the changes to my webhooks in order for the webhook to be actually activated. Not sure if that bug has been fixed yet.




@Thai_Nguyen, you are right, the webhook app and webhook(event notification) under JWT app works the same.

Could you elaborate on your issues with the webhook?