Created meeting settings not being honored by API

Description
When creating a meeting, the join_before_host and waiting_room settings are not being honored and seem to clash with the Zoom account settings even when supplying a password for the new meeting in order to meet the new Zoom security guidelines:
Require that all meetings are secured with one of the following security options: a passcode, Waiting Room, or “Only authenticated users can join meetings”. If no security option is enabled, Zoom will secure all meetings with Waiting Room.

The meeting always has waiting_room enabled even when set to false

Error
No API error, just what seems to be a bug

Which App Type (OAuth / Chatbot / JWT / Webhook)?
API request (OAuth)

Which Endpoint/s?
/users/me/meetings

How To Reproduce (If applicable)
Steps to reproduce the behavior:

1. Go into the account settings and turn off “Waiting Room” and “Meeting Passcode”
2. Create a meeting with the API and make sure that you set join_before_host to true, waiting_room to false, and supply a password (so that you meet the new Zoom security guidelines)

Screenshots (If applicable)

Screen Shot 2021-01-05 at 4.48.05 PM1658×1104 129 KB

Additional context
API request sent:

{
  "password": "3-k6*x0_",
  "topic": "Meeting",
  "agenda": "A Meeting",
  "type": 2,
  "start_time": "2021-01-05T21:00:00.000Z",
  "timezone": "UTC",
  "duration": 15,
  "settings": {
    "join_before_host": true,
    "waiting_room": false
  }
}

Example meeting id with the issue: 91548752078

Hi @omarestrella,

Thanks for reaching out about this.

Can you please share the full request URL and API response body as well? This will help me to further debug.

Thanks!
Will

Thanks for helping!

The URL used is: https://api.zoom.us/v2/users/me/meetings

The response was:

{
  "agenda": "A Meeting",
  "created_at": "2021-01-05T21:41:54Z",
  "duration": 15,
  "host_email": "omarestrella@bitcreative.net",
  "host_id": "KJp-LTo5SOCMhp1DhpsFww",
  "id": 91548752078,
  "join_url": "https://dev-genesys-cloud.zoom.us/j/91548752078",
  "settings": {
    "allow_multiple_devices": false,
    "alternative_hosts": "",
    "approval_type": 2,
    "approved_or_denied_countries_or_regions": {
      "enable": false
    },
    "audio": "both",
    "auto_recording": "none",
    "close_registration": false,
    "cn_meeting": false,
    "encryption_type": "enhanced_encryption",
    "enforce_login": false,
    "enforce_login_domains": "",
    "global_dial_in_countries": [
      "US"
    ],
    "global_dial_in_numbers": [
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 3126266799",
        "type": "toll"
      },
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 6465588656",
        "type": "toll"
      },
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 3017158592",
        "type": "toll"
      },
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 3462487799",
        "type": "toll"
      },
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 6699009128",
        "type": "toll"
      },
      {
        "country": "US",
        "country_name": "US",
        "number": "+1 2532158782",
        "type": "toll"
      }
    ],
    "host_video": false,
    "in_meeting": false,
    "jbh_time": 0,
    "join_before_host": true,
    "meeting_authentication": false,
    "mute_upon_entry": false,
    "participant_video": false,
    "registrants_confirmation_email": true,
    "registrants_email_notification": true,
    "request_permission_to_unmute_participants": false,
    "show_share_button": false,
    "use_pmi": false,
    "waiting_room": true,
    "watermark": false
  },
  "start_time": "2021-01-05T21:41:53Z",
  "start_url": "https://dev-genesys-cloud.zoom.us/s/91548752078?zak=eyJ6bV9za20iOiJ6bV9vMm0iLCJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjbGllbnQiLCJ1aWQiOiJLSnAtTFRvNVNPQ01ocDFEaHBzRnd3IiwiaXNzIjoid2ViIiwic3R5IjoxLCJ3Y2QiOiJhdzEiLCJjbHQiOjAsInN0ayI6ImdvS2ljZDRzNTFfTGt5RnlybGtQSWlCNXlHTjBBeE5aQmtTVkZWVy1ocVEuQUcudXVoVU9OOGhEUkExZkJLZEJRRTBJcDBVSW0zWHhoNlhFS1hKbDlYNlJNckhzQkEyUUExeG1ZX2l4WG1jaDlHM09SUEhzc0pwUUx5VUltdy5PeWJnckpKQTI2VFdMMjV1UThwQVZBLmVvbjF6UHVpVi1hZzFRcFUiLCJleHAiOjE2MDk4OTAxMTQsImlhdCI6MTYwOTg4MjkxNCwiYWlkIjoiMF9Kb0N0S0JSR20zQmVobjd5NUhTdyIsImNpZCI6IiJ9.BwZy4uEJPBbcLucDmvbCCGuS00ml2R3jtEhpKHaGw1Y",
  "status": "waiting",
  "timezone": "UTC",
  "topic": "Meeting",
  "type": 2,
  "uuid": "wVf/0iXdTPuz4PmauBC0rg=="
}

Hi @omarestrella ,

Thanks for sharing this—I don’t see anything wrong with your request itself. I’m wondering if your account level waiting room setting is overriding your request. Can you please try locking the waiting room setting off on an account level?

image1057×92 12 KB

Let me know if this resolves the issue,
Will

After locking the “Waiting Room” account setting, it created the meeting with waiting_room set to false as expected.

This behavior seems wrong to me, though, as I thought that meeting settings would be respected before account settings as long as the Zoom platform security requirements were met.

For example, that seems to be how the join_before_host works. If I pass in true or false on create/POST, what is passed into the API is the value that is set on the meeting response, regardless of the account setting:

Screen Shot 2021-01-07 at 3.13.05 PM1668×246 16.5 KB

Hi @omarestrella ,

I believe this is a result of the API behavior decribed here:
https://marketplace.zoom.us/docs/guides/stay-up-to-date/announcements#api-behavior-changes

Zoom will overwrite the value(s) provided in the request to enable at least one of these settings

In this case, this would be the waiting room, unless it’s locked.

Let me know if this helps to clarify,
Will

Thank you for the documentation! I just want to get a little more clarification on why this is happening.

According to the documentation, you need at least one of the following enabled:

1. A password
2. Set waiting_room to true
3. Sett meeting_authentication to true (and supply the required setting)

As far as I can tell, I meet that requirement by setting a password in my request. As the doc says:

If you do not comply with this requirement and disable all three meeting security settings ( password = null , waiting_room = false , meeting_authentication = false ), Zoom will overwrite the value(s) provided in the request to enable at least one of these settings

But as I’ve shown, this happens even if you meet the requirement and set a password. This behavior seems to be the opposite of the documentation.

Hi @omarestrella,

Thank you for the reply! To clarify, I believe this would be expected behavior since your account-level settings did not have at least one of these settings locked previously (correct me if I’m wrong ).

If one of these settings aren’t locked on an account level, I do believe Zoom will overwrite the settings in your API request such that at least one is present—in your case, the waiting room.

Let me know if this makes more sense, or if you still have questions.

Thanks,
Will

Yes, that is correct. Thanks for clarifying that for me.

I’ll make sure that the account level settings reflects at least one of those settings and is locked. Just wanted to be sure that it is intentional that the account level settings will be overwriting what is sent from the API.

Thank you for all of your help!

Hi @omarestrella ,

No problem—glad I could help clarify!

Best,
Will

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.