Dynamically generate JWT token

Using this template helps us debug your issues more effectively :slight_smile:

Description
I understand that I can generate JWT via Zoom App Market place in a manual fashion. Or I can use one of the jwt.io libraries to create an endpoint. Is there a way I can generate a JWT via Postman? The ultimate goal is to simulate what Postman does via our ETL server so that we can “dynamically” generate and extract a JWT that can be used in downstream API calls.

Having said this, I wonder…

  1. Is this feasible?
  2. If yes, what POST request URL to put in Postman to generate a JWT. And what to put in the header section?
  3. If no, will OAuth2 work this way instead (I have been successfully doing this way with other API services. Since it is an end-to-end communication with just only one user, we did not have do create any callback service)

Please help.
Thanks,
Daniel

Error
The full error message or issue you are running into.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Knowing the endpoint/s can help us to identify your issue faster. Please link the ones you need help/have a question with.

Which Endpoint/s?
Knowing the API endpoint/s can help us to identify your issue faster. Please link the ones you need help/have a question with.

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Request URL / Headers (without credentials) / Body
  2. See error

Screenshots (If applicable)
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

Hey @kisappdev,

Welcome to the community!

I hope I am understanding you correctly here…

You do not request JWT tokens via postman, they are generated from your API Key and Secret. Instead, you should set up an endpoint on your own server which you call via postman. This endpoint then generates the JWT token using the process defined here.

Regarding your point about OAuth, are you planning on using the API to access other 3rd party accounts not linked to your app? If so, then you will need to use OAuth for authentication.

Thanks!
Alex

Hi Alexmayo,

Our ultimate goal is to periodically pull participants’ information of live or past zoom sessions via invoking Zoom APIs from our ETL server. We chose to use JWT since is it a direct server-to-server communication (that is our ETL server to the Zoom API server).

I understand that any API calls need to pass a JWT token in the request header (Authorization: Bear #####). So, we are trying to find a way to generate a JWT token dynamically without having to manually get it via the Zoom App Marketplace.

My past experiences with other API services with OAuth2 have been that there is typically a POST request URL that I can call with API Key/Secret that returns an access token.

With this said, are you saying that we have to build an endpoint using the jwo.io library and that’s the only way to generate the JWT token?

Daniel

Hey @kisappdev,

Have you considered using Postman’s pre-request scrip to generate a JWT token?

Thanks,
Will

Hi Will,

curl --location -g --request POST '{{url}}'

Is the {{URL}} an endpoint server that we need to create?

  • Daniel

To be clear, here is the figure that describes what we are trying to achieve.

  • The ETL client (on the left) sends a JWT token generation request to “a server” (in red).
    Please note that the ETL client is the only client that is hooked up with the API key/secret. That is, we have no other client/users. In this sense, the request is a server-to-server communication (From the ETL server to the one in red).
  • The server processes generating a JWT token and sends it back to the client
  • The client uses the newly generated JWT token to Zoom API calls.

This way, we can fully automate Zoom calls without having to “manually” generate JWT tokens.

I am told that the one in red is called an “endpoint” server, and we need to create it on our own. Is this correct? If then, can you please point me to a document/resource that describes the details of what the endpoint server is supposed to do?

  • Daniel

Hey @kisappdev,

Thank you for your question.

That is the URL where you would be making the request with the JWT token. Postman has an example of how to set this up here.

If you wanted to have an endpoint on your server that generates a JWT token, that would be fairly straightforward to accomplish. That’s a pattern that we see fairly often. Please see our documentation on using JWT with Zoom. That should provide the steps necessary to generate a JWT token using the language your server is written in.

Let me know if you have any questions.

Thanks,
Max