Cross-Match Registrants and Attendees

Hi,

We conduct medical courses and educations during which some sensitive information is being shared.
So, the below issue (and an urgent solution) is of utmost importance for us.

To strictly control the attendance, we created an internal (not-published) JWT app to manage the registrations as well as attendee tracking.
The reasons for attendee tracking are as follows:
• Authorization: only those who have passed certain qualifications can attend the meeting.
• Certification: attendee should spend at least a certain amount of time to be entitled to get a certificate.

The problem is that there is no way to cross-match the registration records with the attendees who actually joined the meeting (or I am missing something, hopefully).

Here is a sample transaction to/from Zoom API registration service:

{
    "request": {
        "email": "john.doe@hotmail.com",
        "first_name": "John",
        "last_name": "Doe"
    },
    "response": {
        "registrant_id": "twyX0LRq4*1$#bGFv9aN4n",
        "id": "***********",
        "topic": "THERAPY of ... ",
        "start_time": "2020-05-05T07:00:00Z",
        "join_url": "https://us02web.zoom.us/w/26269669188?tk=TnsX28p62Sv*^Amwb#hKvvxz5t!9@l9Cvgk&bfI0LVO4Q^MGRhBnHzDVmRMF3yGQFPq6y6V5mCHn9&fzqBUt5rKyoO6lvTd!$yw5f@UHzeS^IzV#SWra&pwd=o5nzrcy^zV@NMO%o3nQxnP79vBtpvMa6"
    }
}

And here is a participant-joined event from API:

{
    "payload": {
        "account_id": "v9oaX967VIey3NGUVeMjA!",
        "object": {
            "uuid": "ut!yPw06zwQ0*wW9y1t2Y0Iv",
            "participant": {
                "user_id": "5432123786",
                "user_name": "john dawson",
                "id": "ngmSksBDNwHNZnThidaOkR",
                "join_time": "2020-05-08T10:48:04Z"
            },
            "id": "***********",
            "type": 8,
            "topic": "THERAPY of ... ",
            "host_id": "dSuGdK7hIYKKODXbfzj92R",
            "duration": 360,
            "start_time": "2020-05-05T05:36:16Z",
            "timezone": "Europe/Istanbul"
        }
    },
    "event": "meeting.participant_joined"
}

You’ll notice that there isn’t any definitive / identifying value shared between those two payloads.
No e-mail, no participant id, no registration id, no username, no nothing…

Even the name of participant is not the same.
She (it was a she in the original record that I’ve taken this example from) was either already logged-in to her Zoom account and her name is different than the registration list and Zoom prioritized the former or even worse Zoom somehow asked her to enter a name when joining the event. Needless to say that we do not allow participants rename themselves.

Including, simply, the registrant_id in the participant object of the subscribed event would have solved this issue and I suspect that there’s no downside of it, security or performance-wise…
And if the registration is not required for that meeting/webinar, an empty string for that key would do.

So, here is our current solution(!?) to this issue:
Whenever someone joins the meeting, we give her/him via Zoom Chat a random 6-digit code and ask her/him to send it to us through WhatsApp from her/his registered phone number.
Unfortunately, it’s not manageable, it’s hardly a solution to begin with
They might not look at the chat window, they drop connection and re-connect again and again.

About the attendee time-tracking for certification purposes, there’s nothing I can do since manually tracking the join/leave times is virtually impossible.

And this is the situation for our current events of appr. 100-150 participants.
I absolutely have no idea how to verify attendees when we hold a large meeting with hundreds of doctors and specialists.

Ok, well…
Firstly, I cannot hold myself no more and say it:
Who designed this, for the heaven’s sake, and what were you thinking?

Secondly, is there something I can do to match a record from the registration reply to an attendee who actually joined the meeting?
Maybe, a setting in our marketplace JWT app or decoding the token in the join_url or something else, fingers crossed?

Thank you…

~ Fatih

*This post has been edited to remove any meeting / webinar IDs

I don’t know that there is a way to cross match, but you can export a report that tells you who was on by name and email or phone number and how long they were in the session for. It shows all rejoins as well if someone were to lose connection or etc. That said - the report doubles the number of participants, and requires some cleaning up once you have downloaded it.

Thanks for your reply @cmispeakers, though fetching and parsing the report(s) doesn’t meet our needs.
In fact, I wonder how this issue is not an issue for other fellow (pro) users.
Maybe, I’ve written a bit too long and complicated in my original post.

Let me put it this way…
A meeting’s created with registration required.
50 people registered.
The meeting started and 50 attendees joined.
45 of them has the same names as the registrations.
But 3 of them are different and 2 of them are duplicates.

Who is this Georgeann or Sasha or Annamaria, …?
Are they registered users and simply their account names are different?
Or have they got the meeting id and password from a registered user, then joined the meeting directly with id & pass circumventing/by-passing our custom registration system?

Another (possibly a better and more to-the-point) example:
Who are Mary T.'s?
Has Mary Teager connected from two devices or one of them is Teager and the other is Theodore?

I can’t simply throw them out of the meeting until the issue is resolved.
These are doctors, professors, mostly top-of-their-field specialists.
Really, more than a dozen of our participants have their dedicated wikipedia pages.
And they paid for this meeting (in some cases).
And sensitive content might have been shared so I cannot simply shrug my shoulders and say “oh, well…”
And the meeting’s already started (when I see the above conflicts) and I don’t have enough time to reach them out one by one to solve the problem.
Do you see how this can become a huge problem in a few minutes?

Possible solutions ( feature request ):

• Include registration and/or account e-mail in the participants window of Zoom app (observable only by Host).
• Include registrant_id in the participants window of Zoom app (observable only by Host).
• Include e-mail and/or registrant_id in the responses of events hook from API.
• Something else I couldn’t think of…

Writing these, now I remembered that I reached out to the Zoom Support when I first encountered this issue about a month ago or two.
The support person, being so helpful and meticulous, had to dig in to the internal logs of Zoom and tried to find the questioned attendee by comparing the timestamps. He struggled about 20 minutes until he gave up and apologized.

Yet another very lengthy and complicated post from me
I can only hope that I made myself a little bit clearer, this time…

Best,

~ Fatih

Your registration and participant data looks different than mine. From what I’ve seen the RegistrantID generated when someone registers is identical to the ParticipantID when they join. I am using this data to track attendees just as you seem to want to do.

Maybe take a closer look at your data or do a more closely controlled test?

Hope that helps…

Hi Philip,

Thanks for your reply.
I’ve written a script to compare the registration data and all incoming from events hook (participant/attendee info) for multiple events.
There isn’t any (definitive) value shared between those two sets of data.
After reading your message, I checked my code and ran it again with a hope to find something I’ve missed; alas, same result
Also, I picked some random records to check manually, still nothing.

By the way, I’m assuming you meant registrant_id by RegistrantID and payload->object->participant->id by ParticipantID, right?
That’s another interesting thing as some records (from events hook) have id field with a value, some have it but an empty string for the value and some completely misses it, there’s no id key.

Thanks again…

~ Fatih

Hmm. Well I’m using Zapier so my mileage may vary here…

This is what I did:

When I call the Zapier Registration Zap, I capture and store the RegistrationID (forgive my creative capitalization here). I store it in my event registrant db. Here’s what that unadulterated Zap log looks like:

|status:|registered|
|registrationId:|BexJj06mTGCaZ5WtNFvGIQ|
|webinarUrl:|https://us02web.zoom.us/w/84248430167[blah blah]

Then, I have a webhook parked on participant.joined and when that is called, I am able to do a lookup in my registrant DB using participantID. Here’s what that incoming JSON payload looks like:

payload__account_id: a9Vc1R2-QtWGyZ…
payload__object__uuid: rgHMbpVjRkmild4/+L…
payload__object__participant__user_id: 1681…
payload__object__participant__user_name: Judy Contreras
payload__object__participant__id: BexJj06mTGCaZ5WtNFvGIQ
payload__object__participant__join_time: 2020-04-28T23:41:01Z
payload__object__id: 991638…
payload__object__type: 5

I have no idea if this helps you at all but because I’m at a different interface level I though I’d just share what I’m seeing and maybe it will strike a chord with you (?)

Hope that helps!

Dear Philip,

This was very helpful, thank you…

Firstly, I don’t think using Zapier makes a difference, since both the registration data and webhook payload looks identical to what my backend’s receiving directly from Zoom.

Secondly, this is exactly what I’m looking for and what I was expecting to see: one single identifying, definitive value to tie the registration and attendee info of a given participant.

Unfortunately, my experience (the existing data I’m looking at right now) is way different than this.
I sincerely hope that it’s because I’m making a mistake here, my app’s settings or my web service sending a faulty request to Zoom, just something.
Because it’s way easier to fix that than the Zoom’s services have a bug.
Yet, I suspect that the problem is on my end since that payload__object__participant_id has a value different than registrant_id on all occasions, or not as an empty string or completely missing on some records (replies from webhook).

Hopefully, someone from the developer team will chime in and shed a light to this.

Again, thank you so much, your replies have been really helpful…

~ Fatih

Hey @pikonferans, @cmispeakers

Few points about matching registrants with participants:

1. Make sure the registrant uses their unique join_url to join the meeting.

2. Checkout the scenarios on our docs, which one are your users falling under?

   

   Screen Shot 2020-05-13 at 11.58.55 AM1226×222 37.2 KB

3. You can also cross match using the user_email field from the following endpoints:

Appreciate your input @philip!

Thanks,
Tommy

Semi-related question to which I think the answer could be useful for the above scenarios:

Per @tommy’s post above, we are using the Past Meeting Participants endpoint currently and matching on the email address. Which is pretty much working, but I am trying to understand the returned “Id” value in the Participant object. In the Participant Joined Meeting response the “Id” value in the Participant object mentions that it can store either a user id or a registrant id

but the documentation in the Past Meeting Participants endpoint for the “Id” value generically says “Participant UUID” (apparently I can only post one screenshot if I’m a new user)

Is the Past Meeting Participants endpoint “Id” always the userId or blank? Or is it ever equal to the registrant id like the Participant Joined Meeting webhook?

The implications here are that if the Past Meeting Participants Id is only ever equal to the userId, then we’ll only look to match on the email address. If the Past Meeting Participants Id behaves similarly to the Participant Joined Meeting Id, then we’ll first try to match on the registrant Id and then if no match will move to matching on the email address.

Hey @dmorse,

The id in the Get Past Meeting Participants endpoint is the same as the id in the Participant Joined Meeting Webhook and id in the Get Meeting Participant Report endpoint.

Thanks,
Tommy