Error: The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA256

I’m trying to authenticate with the Zoom API using C# and a JWT.io library (System.IdentityModel.Tokens.Jwt). When I use the token generated in the App Marketplace under JWT > App Credentials I can retrieve info from https://api.zoom.us/v2/users, so I know my request to the API is fine. The problem I’m having is with generating a valid token. I’ve verified multiple times that my API Key and API Secret are both correct and are being passed into the correct variables.

Here is my C# code for generating the token. Am I missing something? My header and payload look fine, and I’ve tried both SecurityAlgorithms.HmacSha256Signature and SecurityAlgorithms.HmacSha256 to no avail.

    protected static string GenerateJSONWebToken()
    {
        var symmetricKey = Convert.FromBase64String(ApiSecret);
        var tokenHandler = new JwtSecurityTokenHandler();
        tokenHandler.SetDefaultTimesOnTokenCreation = false;

        var now = DateTime.UtcNow;
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Issuer = ApiKey,
            Expires = now.AddSeconds(30),
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(symmetricKey),
                SecurityAlgorithms.HmacSha256Signature),
        };

        var stoken = tokenHandler.CreateToken(tokenDescriptor);
        var token = tokenHandler.WriteToken(stoken);

        return token;
    }

Hey @justin_holton,

Have you tried googling the error? Check out this Stack Overflow:

Thanks,
Tommy

Of course. I googled for hours. I’ve since figured out the issue was the Convert.FromBase64String() function. Rather than converting from base 64 I simply converted the “API Secret” as a normal string and that did the trick. If anyone is using C# and needs a function to generate your JWT, I can confirm this code works for me.

    using System;
    using System.Text;
    using System.IdentityModel.Tokens.Jwt;
    using Microsoft.IdentityModel.Tokens;

    protected static string GenerateJSONWebToken()
    {
        // Use the API Secret's characters as the HMAC key bytes; do not Base64-decode it.
        var symmetricKey = Encoding.ASCII.GetBytes(ApiSecret);
        var tokenHandler = new JwtSecurityTokenHandler();

        var now = DateTime.UtcNow;
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Issuer = ApiKey,                  // "iss" claim: the API Key
            Expires = now.AddSeconds(10),     // "exp" claim: short-lived token
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(symmetricKey),
                SecurityAlgorithms.HmacSha256Signature),
        };

        var stoken = tokenHandler.CreateToken(tokenDescriptor);
        var token = tokenHandler.WriteToken(stoken);

        return token;
    }

It would have been nice if Zoom provided this code in their JWT documentation under “Sample Code.” The sample code provided instead is just a generic API call with no indication on how to generate the JWT. For that I had to google. Don’t get me wrong, Zoom’s sample code is useful but it would have been a lot more useful if the JWT section actually had JWT sample code.

3 Likes
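The key-bytes mismatch described in the post above, shown with plain HMAC-SHA256 and no JWT library. This is an added example, not code from the thread or from Zoom; the key and secret are constructed values, and it assumes (as the working code above implies) that the verifier uses the secret's characters as the key bytes.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Hs256KeyDemo
{
    // Base64url without padding, as used for JWT segments (RFC 7515).
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Sign header.payload with HMAC-SHA256 using exactly the key bytes given.
    public static string Sign(string headerJson, string payloadJson, byte[] key)
    {
        string signingInput = B64Url(Encoding.UTF8.GetBytes(headerJson)) + "." +
                              B64Url(Encoding.UTF8.GetBytes(payloadJson));
        using var hmac = new HMACSHA256(key);
        return signingInput + "." + B64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(signingInput)));
    }

    // Recompute the signature the way the verifier would and compare in constant time.
    public static bool Verify(string token, byte[] key)
    {
        int lastDot = token.LastIndexOf('.');
        if (lastDot < 0) return false;
        using var hmac = new HMACSHA256(key);
        string expected = B64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(token.Substring(0, lastDot))));
        return CryptographicOperations.FixedTimeEquals(
            Encoding.ASCII.GetBytes(expected), Encoding.ASCII.GetBytes(token.Substring(lastDot + 1)));
    }

    static void Main()
    {
        // Constructed values, not real credentials. The secret happens to be valid Base64,
        // so Convert.FromBase64String succeeds silently instead of throwing.
        const string apiKey = "EXAMPLE_API_KEY";
        const string apiSecret = "c2VjcmV0S2V5Rm9yRGVtbzEyMzQ1Njc4";
        long exp = DateTimeOffset.UtcNow.AddSeconds(10).ToUnixTimeSeconds();
        string header = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        string payload = "{\"iss\":\"" + apiKey + "\",\"exp\":" + exp + "}";

        byte[] serverKey  = Encoding.ASCII.GetBytes(apiSecret);   // secret text used as-is
        byte[] decodedKey = Convert.FromBase64String(apiSecret);  // 24 different bytes

        Console.WriteLine($"key lengths: as-is={serverKey.Length}, decoded={decodedKey.Length}");
        Console.WriteLine($"signed with decoded key verifies: {Verify(Sign(header, payload, decodedKey), serverKey)}");
        Console.WriteLine($"signed with as-is key verifies:   {Verify(Sign(header, payload, serverKey), serverKey)}");
    }
}
```

A secret that is not valid Base64 makes `Convert.FromBase64String` throw `FormatException`, which at least fails loudly; one that happens to decode produces a well-formed token that is rejected only at verification.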

Hey @justin_holton,

Glad you figured out the issue! We will add JWT Token creation examples to our docs!

CC @shrijana.g

Thanks,
Tommy

1 Like

Thank you @justin_holton for making us aware of this. We will add this request to our backlog and ensure that the JWT creation step is clearly explained in our docs.

Hi, I have the same issue, but I’m using Postman with the request to get a user. I used the credentials in View JWT Token; the expiration date is tomorrow.

Hey @acandela,

Can you try regenerating your JWT Secret Key and trying again?

Thanks,
Tommy