Does each Customer require a JWT API Key and API Secret?

A general question, our use case is to allow each of customer to view Meetings and Webinars via the webSDK, and I have a proof of concept working that displays meetings / webinars.

I have created under my account; a JWT App and I am using these credentials for the signature - and this is working fine.

For each of our customers, they will have an account already with Zoom. Will each of these mutual customers be required to provide use with their JWT API Key and API Secret?

Which I think makes sense, but I just wanted to check with you, if there is a way a customer can ‘trust’ our JWT API Key and Secret.

I am trying to determine if its possible to save each customer the need to create a JWT API Key and API Secret.

1 Like

I also have the same question, In my case we have multiple host and single web sdk integrated angular app. And some of our participant are facing issues like timeout issue while trying to join in morning session. So I suspect this timeout is because of JWT.

Is there any hard limit to in using single jwt token for participant to join using web sdk ?

Hey @darragh.duffy,,

We highly discourge asking users to share their JWT credentials.

How the Web SDK works is the developer uses their JWT credentials to host the Web SDK and generate the signature.

The Web SDK can then join any meeting, internally or externally to your Zoom account, but the Web SDK can only start meetings that belong to the same Zoom account as the JWT credentials.

If you would like to take actions on external Zoom users behalf, like creating and managing meetings, you can create an OAuth app and use the OAuth flow.

Please let me know if you have additional questions! :slight_smile:


Thanks Tommy for taking the time to answer the question, I know you and the team must be super busy.

I do have a follow up question, I am more focused on Webinars at the moment. (And I know at present the WebSDK can not start webinars - I believe a later version will have this.) I think you have answered this already but I am just clarifying please, you said:

The Web SDK can then join any meeting, internally or externally to your Zoom account

Here I am focusing on externally, this is the scenario:

  • Customer Bingo has a Zoom Account
  • We have a Zoom Account Pro or higher (i.e., paid licensed account)
  • We have a JWT API / Secret on our Account (not the customer’s)
  • Customer Bingo has a Webinar set up, and the Webinar ID “1234567890” and Password is “BINGO”

The question is then

Our WebSDK JWT API from our Zoom Account can create a signature and Join this Webinar?

To do this - we need the Webinar ID and the Password. (we probably don’t need the password i.e., the user can enter the password)

A Final Question :slight_smile:

Apart from not be able to Start the Webinar or Meetings. Will there be any scenario where our WebSDK will NOT be able to Join a Webinar ?

1 Like

Hey @darragh.duffy,


No, you should be able to join the webinar. :slight_smile:


1 Like

Thanks @tommy for the confirmation

1 Like

You are welcome @darragh.duffy! :slight_smile: