Example for "composeCard"

My App is supposed to allow the user to send pre-defined text blocks (quiz questions) to the chat. So I suppose I have to use the “zoomSdk.composeCard” method. When I use the example from the docs

await zoomSdk.composeCard({
        "type": "interactiveCard",
        "message": "some message",
        "previewCard": {
          "title": "some title",
          "description": "some description",
        },

I get the message:

Error: Validation error, please check API parameters.

I’m not really sure what the actual parameters should be. Can anyone provide a concrete example on how to use this function?

Thank you.

Does this page from the docs help? It looks like you need a signature.

I thought that too.
Meanwhile I found out what an HMAC is but I still don’t know what the “signing secret” is and whee to get it.

I would assume that it is similar to the encryption used by the App Context - which uses the apps secret key. But I would not recommend putting the secret key in the client side code in a prod environment. If it is that then I would suggest that you do the encryption in the app server and provide a endpoint the client can use.

Hopefully someone from zoom can clarify.

I think I have to give up on this for the time coming. The documentation on this topic is too incomplete. The error message doesn’t give any precise hint which part of the options is wrong, and I’m stabbing around in the dark.

• What format should the timestamp be in? Epoch, ISO, …?
• How to calculate the signature? “HMAC of the message” is not very precise. Why do I need to calculate the signature myself, can’t it be done by the SDK?

As Henry said, can somebody of the Zoom team clarify the situation?

@ojus.zoom Is this something you can chime in on? I think you’re the SME on this

Hi @latz

apologies on this. We are working on adding the documentation for this. In the meantime, here is how to use the method:

const card = {
“type”: “interactiveCard”,
“previewCard”:
{
“title”: “title”,
“description”: “description”
},
“message”: message,
“signature”: signature,
“timestamp”: timestamp
};

Hi @ojus.zoom, thank you for providing the API format, however it is still not sufficient to utilize this API method. We have made countless attempts and always receive the “Error: Validation error, please check API parameters.” error, which is too vague to be helpful.

How is the signature generated? The documentation states that it is the HMAC of the message, yet the description for the timestamp field says it is

timestamp used to generate signature

We have tried many combinations of using the secret, message, and timestamp to create the signature, to no avail. This really needs to be clarified. Could you please provide some sort of example to use as a baseline?

Additionally, what is the expected format for the timestamp?

We need these additional details in order to use the API. Thank you.

I would like to expand my initial question.

Looking through the “In-Client Features” I found an API method called

"composeText - Set the composed text in the compose box"

That sounds even more like the function that I’m looking for. Unfortunately, I couldn’t find any documentation. It’s not even available in the newest SDK implementation (v0.16.13).

The documentation should be available soon. Here is a sample app in the meantime that demonstrates how to use the compose card function: