Currently the company has an application developed to carry out virtual assemblies in which the zoom interface is embedded in one of its views, we only use the client view, the meetings are parameterized and created directly from the zoom web page , I have spent several days reading a post about the need to create an sdk application to replace the old jwt which is currently being used.
I don’t handle the application code very well and I don’t understand the examples that are posted in the migration examples, I would like to know if it is possible that someone can explain to me with a very clear example the creation of the sdk jwt token, I was able to generate it using jsrsasign javascript however I have seen that the signature of the new version 2.14.0 has a new way of creating the signature which in my little understanding asks to bring the json from a localhost server with port 4000, this is where I get most confused. If I have the signature encrypted with HS256 as shown in the following code, can’t I just replace apikey values with sdkkeys and so on?
var oHeader = {alg: ‘HS256’, typ: ‘JWT’};
var oPayload = {};
var tNow = KJUR.jws.IntDate.get(‘now’);
var tEnd = KJUR.jws.IntDate.get(‘now + 1day’);
oPayload.sdkKey = “XXXXXXXXXXXXXXXXXXXXXXXXXXX”;
oPayload.appKey = “XXXXXXXXXXXXXXXXXXXX”;
oPayload.mn = “8440528XXXX”;
oPayload.role = 0;
oPayload.iat = tNow;
oPayload.exp = tEnd;
oPayload.tokenExp = tEnd;
var sHeader = JSON.stringify(oHeader);
var sPayload = JSON.stringify(oPayload);
var sJWT = KJUR.jws.JWS.sign(“HS256”, sHeader, sPayload, “XXXXXXXXXXXXXXXXX”);
This gives me a key with the structure of the example found in the post eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZGtLZXkiOiJhYmMxMjMiLCJtbiI6IjEyMzQ1Njc4OSIsInJvbGUiOjAsImlhdCI6MTY0NjkzNzU1MywiZ XhwIjoxNjQ2OTQ0NzUzLCJhcHBLZXkiOiJhYmMxMjMiLCJ0b2tlbkV4cCI6MTY0Njk0NDc1M30.UcWxbWY-y22wFarBBc9i3lGQuZAsuUpl8GRR8wUah2M
However this string is not accepted by the function to generate signature since a localhost server is required, is what I understand.
Can someone help me with these doubts about how to correctly implement an sdk application step by step, I know that you have the necessary documentation but I am an empirical in programming with these languages and more with the use of api and others.
Is there a way to create the signature without so much security? I shouldn’t ask this but it may be an immediate solution for me since we have an event in a couple of days and I understand that version 2.6.0 which is currently running will end on August 5th and the event is on August 6th.
I understand you are upgrading from web sdk 2.6.x to 2.14.0
Web SDK 2.14.0 requires JWT token generated using either (ClientID and ClientSecret) or (SDKKey and SDKSecret) pair. Either pair works fine.
The Web SDK sample code calls an authEndpoint to fetch the JWT token
This authEndpoint uses this code sample, it uses port 4000 by default, but you can change it via const port = process.env.PORT || 4000 to a specific port which you want. Example 443 for HTTPS
Host this authEndpoint on public URL, and enter the URL in the var authEndpoint = https://myauthendpoint.com
`
The JWT Token which you have shared looks fine, you just need to enter a valid
sdkKey (SDKKey or ClientID)
appKey (SDKKey or ClientID)
mn (meeting number)
role (0 for guest, 1 for host)
If your Web SDK joins a meeting which is created or resides outside of the Web SDK’s zoom account, you will need to publish your Meeting SDK app. If you do not publish it, you will encounter an error when trying to join meeting outside of your account.
Is there a way to create the signature without so much security? I shouldn’t ask this but it may be an immediate solution for me since we have an event in a couple of days and I understand that version 2.6.0 which is currently running will end on August 5th and the event is on August 6th.
← yes there is. you can generate your JWT token on the client side(A VERY BAD IDEA). This is equivalent to sharing your SDKKey and SDKSecret with the public, as client side JWT token generation would need SDKKey and SDKSecret in cleartext.
I’ll connect to meetings created in my own account where the sdk keys and such were created, so there should be no problem.
I understand that I should not generate the JWT from the client side and it is considered a very bad development practice, but as I said, I am new to development and due to the urgency of the situation, I feel the need to do so this time. , after the event I will correct it more calmly. To do it this way, what should I do?
I have this code on the client side at the moment and using the jsrsasign library to generate the jwt signature I understand that I must pass this key to the function to generate signature of the client-view.js however how would the new function look since would receive the direct data?
Instead of having the chunk of code on the html page, consider this in your index.js process.env.ZOOM_MEETING_SDK_KEY is your SDK Key process.env.ZOOM_MEETING_SDK_SECRET is your SDK Secret
YOUR_MEETING_NUMBER is self explanatory
YOUR_ROLE is either 0 or 1. 0 is for participant. 1 is for host.
function getSignature() {
// Your client-side data (meetingNumber and role)
const meetingNumber = YOUR_MEETING_NUMBER;
const role = YOUR_ROLE;
const iat = Math.round(new Date().getTime() / 1000) - 30;
const exp = iat + 60 * 60 * 2;
const oHeader = { alg: 'HS256', typ: 'JWT' };
const oPayload = {
sdkKey: process.env.ZOOM_MEETING_SDK_KEY,
mn: meetingNumber,
role: role,
iat: iat,
exp: exp,
appKey: process.env.ZOOM_MEETING_SDK_KEY,
tokenExp: iat + 60 * 60 * 2,
};
const sHeader = JSON.stringify(oHeader);
const sPayload = JSON.stringify(oPayload);
const signature = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, process.env.ZOOM_MEETING_SDK_SECRET);
// The signature is generated locally, so you can call your startMeeting function directly
startMeeting(signature);
}
If your Web SDK joins a meeting which is created or resides outside of the Web SDK’s zoom account, you will need to publish your Meeting SDK app. If you do not publish it, you will encounter an error when trying to join meeting outside of your account.
Hello, do you mean that I have to enable the following option in my SDK in the Marketplace?
