Embed Zoom experience in my website

I’m trying to embed the Zoom experience into a website. The goal is have Zoom as part of a larger website experience. I have worked through the examples of using the Web SDK. I have a backend that generates a signature per the example. I have a website that loads up the Web SDK and follows the steps to define a meeting configuration, initialize the meeting as a host, and join the meeting.

I can view the website and see the Zoom interface. But when I try to join the meeting, I get an error on my site (javascript console) about the signature length being wrong: 0 < length < 150.

The server code example notes the keys are for a JWT token, but I’m building an SDK app and used those keys (App ID and Secret).

I have read through other forum posts about the 0 < length < 150 error, but they have not helped. My signature is properly formatted with a room ID and role and other elements (API Key, etc.).

I tried creating a JWT app and using its credentials (key and secret) for the signature generation. This results in a different error:

No permission, with error code 3713.

Note that in both cases above I adjust the client web app to use the appropriate API key.

Hi @ed.arenberg,

Welcome to the community.

For the Web Client SDK, you should use a JWT API Key and Secret, instead of SDK credentials as mentioned here.

Please could you try joining the meeting again using the credentials mentioned above?

If it still does not work, please post the code you have written to geenrate your signature (redacting any api keys and tokens).


@alexmayo Thanks for the reply. As you’ll note in my followups, I did switch to the JWT keys and experienced the permission error with code 3713. I start a meeting on my phone, get the meeting number and password, and try to join it from the Web app and get that permission error. Here’s my signature code:

const express = require('express')
const bodyParser = require('body-parser')
const crypto = require('crypto')
const cors = require('cors')

const app = express()
const port = process.env.PORT || 4000

app.use(bodyParser.json(), cors())
app.options('*', cors());

app.post('/', (req, res) => {

    const timestamp = new Date().getTime() - 30000 // - 30000
    const msg = Buffer.from(process.env.ZOOM_JWT_API_KEY + req.body.meetingNumber + timestamp + req.body.role).toString('base64')
    const hash = crypto.createHmac('sha256', process.env.ZOOM_JWT_API_SECRET).update(msg).digest('base64')

    const sig = `${process.env.ZOOM_JWT_API_KEY}.${req.body.meetingNumber}.${timestamp}.${req.body.role}.${hash}`;

    const signature = Buffer.from(sig).toString('base64')

    signature: signature

app.listen(port, () => console.log(`Zoom Web Client SDK Sample Signature Node.js on port ${port}!`))```

Hey @ed.arenberg,

Please send an email to developersupport@zoom.us with a link to this thread. In that email, please include the signature that you’re using. I’ll investigate further from there.


1 Like