Outside of our website, clients have their own Zoom accounts and subscriptions and we allow them to serve a UI/gateway to their meetings. We allow event organizers to input a Zoom meeting ID which could then be joined by attendees. These meetings or webinars are not hosted by us. To join an attendee into a meeting, we would like to use ZoomMtg.join method. From the endpoint, as we see In order to join the meeting or webinar we need API_KEY and Signature. As far as I understood we can ask event organizers to put their api_key, however as a gateway for the meetings, we can’t generate a signature on the behalf of our clients.
How it can be solved?
1 Like
Hey @etibar,
Currently we highly advise against customers sharing their JWT Credentials. Instead, use the OAuth flow to make authorized API requests on a users behalf.
That being said, currently you cannot use OAuth with the Web SDK. Please see my post here about the planned improvement:
Thanks,
Tommy
Hi @tommy,
thanks for your response. As far as I see in above-stated link the problem is about starting the meeting.
In my case, the problem is about joining the configured meeting.
Basically, I am wondering how we can use ZoomMtg.join method without asking JWT credentials from the party who started or configured the meeting?
So let me explain the scenario in this way.
- Client configures a meeting from zoom platform.
- Client takes meeting id and puts it into our platform.
- Users who are in our platform can join the embedded meeting.
The problem starts with step 3. Here in order to join the meeting web sdk method asks as to input signature which is generated by using client’s (who initiated the meeting) API key and secret.
Hey @etibar,
Thank you for reaching out to the Zoom Developer Forum. When you are generating a signature, it’s actually expected that you use your own API Key and Secret. This should allow you to join anyone’s meeting. We can see this when we look at the Generate Signature documentation as shown below.
I hope that helps! Let me know if you have any questions.
Thanks,
Max
Hey @MaxM .
Thanks for the response.
So let’s say there is meeting id (called x) which is created on another platform with different API key and signature.
So you are saying that in ZoomMtg.join method, if we use our own API Key and Signature (which is created using our own API KEY and API SECRET) then it should be enough for joining x meeting from another platform.
So for joining 3rd party’s meeting we don’t need any JWT token.
Hey @etibar,
Joining external meetings you just need the Web SDK signature to be generated and the respective config values. You do not need the external JWT App credentials (secret).
Does that make sense?
Thanks,
Tommy
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.