Using the REST API w/ JWT
Zoom API Version 2 utilizes JSON Web Tokens (JWT) for authentication. To use Postman with the Zoom API, we need to provide a JWT. The easiest way to do this is to go to jwt.io and create one.
(You will first need to go to your developer account page and get your API key/Secret to generate the token).
Build your JWT on the jwt.io by populating the Decoded section with the following. Replace the
<API_SECRET> with your information, and set the expiration time (
exp ) in the payload to a future time. In your Production implementation, we recommend setting the
exp to something short like 60 seconds.
Using the REST API w/ OAuth2
You need to build an app using https://marketplace.zoom.us to obtain your API Keys.
Then, you’ll need to follow the OAuth with Zoom docs to initiate the OAuth2 Authorization Flow. When you’ve received the
authorization_code, you’ll exchange it for an
Then you can use that
access_token to authenticate your REST API Requests.
Make sure to set the
scopes on your app to implement the REST APIs you wish to consume in your app.
Once you have your
access_token you can add it to the Authorization header as
AUTHORIZATION IN POSTMAN
If you follow along with this documentation to download the Zoom API Postman Collection, and using the OAuth2 Client ID and Client Secret, you can EDIT the collection to include Authorization:
- After you’ve downloaded and installed the Zoom API Postman Collection, right click and choose
- Choose the Authorization tab
- Set Type ===
OAuth 2.0, make sure “Add auth data to” is set to
- Click on the button labeled Get New Access Token
- Complete the form (replacing the template strings wrapped in double-braces with your values)
- Click on the button labeled Request Token, if successful, you’ll be shown the
scopes, and other properties.
- Click the button labeled Use Token
- Click the button labeled Update to complete editing the collection.
- Open one of the requests that is aligned with the scopes for your app, and click the Authorization tab, to make sure it is set to
Inherit auth from parent (you can click the Headers tab to see the implicit Authorization header added with the access token you just obtained.
- Click the button labeled “Send” to send the request, and see the response.