Embedding Zoom webinar in website

I have a client requirement where we need to embed zoom webinars into website. We are using Drupal for building the website. My question is if we can create the webinars and start webinars from outside is it better to use JWT to embed and join or Zoom Meeting Web SDK more suitable.
Are we able to create webinars from website as well?
Does Q&A work with JWT as well?
Any documentation links are appreciated.I was looking at this Zoom Meeting Web SDK

1 Like

Hi, @shravaniT,
Thank you for posting and for choosing to build with Zoom.

We strongly recommend using the Zoom Meeting Web SDK over JWT. JWT may only be used for internal applications and processes. All apps created for third-party usage must use our OAuth app type.

Yes, you can create a Webinar from your Website via our APIs. We offer Create, Update, Read, and Delete Webinar API endpoints that you can leverage to develop a seamless user experience. As reference, I’ve linked the mentioned API endpoints you will want to use in your developer process below.

Create a webinar

Update a webinar

Get a webinar

Delete a webinar

Are asking does the Q&A feature work with Web SDK ? If so, yes, it works. See a list of supported SDK features in our Zoom Meeting Web SDK help documentation : Zoom Meeting Web SDK

Hi Donte,
Thanks for your reply.
We are making this API calls from a Drupal9 website.We need the Component view of web sdk just to render the meetings/webinars in the websites at this stage with a scope to create/update/delete webinars from websites at a later stage.
In order to render this component view onto website and start the website, i am following this documentation Meetings.
In this for joining the meeting/webinar in the website we need the SDK JWT signature.
Can you please direct me in the right direction.

If i have to follow OAuth as per this (Zoom Developer Docs), I do not see the Join function. Do we have join functionality through website using OAuth as well?


Happy to help! Down below I’ve linked our Generate Signature help documentation along with the Sample App. The documentation included snippets from different languages if you looking for something specific.

Hi Donte,

Could you please clarify these below questions:

  1. I am using JWT app credentials then i can access the users,meetings and webinars etc of my zoom account from the website directly through API(we do not need anyone to add webinars or install the app) it is just from website to API. In this case is it ok to use JWT app credentials

  2. With JWT credentials i successfully made connection and i could grab meeting details and add registrants and get registrants to my website.I got the join url for the required users email and got tk value.
    Now inorder to render the meeting on the website i need to use component/client view of websdk by pointing to CDN or npm. IS this correct

  3. Assuming i have to use component view, i added CDN and created signature and tried to render the meeting but receiving invalid signature
    When i tested by downlading this sample-web-app and used my JWT credentials, its working for meeting without registration but not working for meeting with registration or SDK app type credentials
    I am getting error when i used the PHP code example to generate signature as well

  4. If i were to use OAuth for API calls, do i need to create a SDK APP, Does it need to be published to test. Just to test i created SDK APP.
    I downloaded postman collection and tried to test with SDK credentials but i am not successful in receiving Access Token. Please provide instructions on this for PHP.

HI Donte, any help please
We are developing this embedding in Drupal CMS(Which is PHP based). Can you please confirm if the below process is correct.

We have to call zoom-API with SDK app type credentials to get the meeting/webinar details and get/manage registrant details within Php functions with this documentation Webinar Registrants
and create signature with this doc in php, Then pass the sdk key and signature and other details to websdk using CDN as per here

1.I am stuck on making API calls authentication failing with request as below request: with SDK key linked SDK app of test_vccc_alliance@lists.unimelb.edu.au account

$curl = curl_init();

curl_setopt_array($curl, array(

CURLOPT_URL => ‘https://api.zoom.us/v2/users’,









‘Accept: application/json’,

‘Content-Type: application/json’,

‘Authorization: Bearer SDK KEy’ ),


$response = curl_exec($curl);


echo $response;

Response received:

{“code”:124,“message”:“Invalid access token.”}

  1. And also the signature code i used in PHP from the above example is giving invalid Signature on Client.join using the CDN

function generate_signature ( $api_key, $api_secret, $meeting_number, $role){

//Set the timezone to UTC


$time = time() * 1000 - 30000;//time in milliseconds (or close enough)

$data = base64_encode($api_key . $meeting_number . $time . $role);

$hash = hash_hmac(‘sha256’, $data, $api_secret, true);

$_sig = $api_key . “.” . $meeting_number . “.” . $time . “.” . $role . “.” . base64_encode($hash);

//return signature, url safe base64 encoded

return rtrim(strtr(base64_encode($sig), ‘+/’, '-’), ‘=’);


i used the same SDK key as above and SDK secret associated and meeting number 83875216292 with role 0

Could you please guide me in the right direction why my calls are not successful.


The Zoom Meeting SDKs use an SDK Key and Secret to generate an SDK JWT for authorized use of the SDK. You will want to make the API call with the signature, not the SDK Key and Secret.

Have you tried to decode the signature to verify it’s correct or not? Please see this post for instructions on decoding and inspecting the signature.

Also, you can find a sample Node.js generate a signature function that you can reference for implementation :

JWT will be deprecated soon. You should leverage the OAuth access token to make API calls.

Correct! You will need to leverage our Web SDK component/client to embed Zoom into your site.

Strange. I am not able to reproduce that behavior on my end. As a test, can you use our Sample Signature node.js app instead of your function and let us know if the problem persists. You would just need to make a post request to the http://localhost:4000 with the following body:

“meetingNumber”: “91902958596”,
“role”: 0


  • The signature is only for authorizing use of the SDK.
  • You do not need to publish to test the SDK APP.
  • The SDK App type has OAuth credentials you leverage to manage meeting flows programmatically using Meetings APIs

Thank you so much for your time in meeting today and Elisa, Further to our discussion what I am looking for is to get a component view work on our Drupal website. Which is failing with signature Invalid error.
To resolve this I need some help with a PHP script to generate a signature to work with the Component view with SDK credentials/JWT credentials.

The code I used to generate the signature is from the below link which didn’t work Generate Signature

I can not use node.js as we could not integrate node.js into Drupal9 . Rendering Component view into website is the only thing i am looking for help.

1 Like


Pleasure meeting with you as well. Following our meeting, I did some testing and can confirm the PHP Signature code sample found here works. Here is what I did:

  1. Using an online editor and JWT API Key and Secret, I generated the signature with the code sample

  2. Using the Web Meeting-SDK Component View Sample App, copy the Direct Join URL and replace the signature parameters value with the generated signature

  3. To test Join, open a new tab and paste the URL in the browser.

Can you test the flow on your end using the Sample App and let us know the results.

1 Like

are you sure you are using the right routine to create the signature

JWT Signature (deprecated):

SDK JWT Signature:

→ Node.js generate SDK JWT function

function generateSignature(sdkKey, sdkSecret, meetingNumber, role) {
  KJUR.jws.JWS.sign('HS256', sHeader, sPayload, sdkSecret)

(no sample code exists - yet - in PHP)


Thank you for contributing to the Developer Forum @j.schoenemeyer! :smiley:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.