Description
On our web app, we provide access to zoom meetings based on user roles.
The current Implementation redirects to a zoom url of the format https://us06web.zoom.us/j/86118972847?pwd=U0pSQ0KiS2xRbzNFUlJEODpzbEhaQT09#success
The issue with such approach is that the meeting password is exposed to the user, and can be shared to a unauthorized person.
To obfuscate this, I plan to generate the intent url directly
format: zoommtg://us06web.zoom.us/join?action=join&confno=86118972847&pwd=U0pSQ0KiS2xRbzNFUlJEODpzbEhaQT09&confid=dXRpZD1VVElEXzU2ZWY5MjdiMmIwYjQ7Y2R5OKA3M2NmNGM1NTZmMjU5JnVzcz1hZG9KU1VRQmtTSzhaa3dTcUxTczVVa7J6UlcwQ2FCemVKMUktS2Z3c01jQ2hBdTk1Zmd5OEJSb19tREJmZWNCLWxqbHFxN1dEVlpwTGJWR6FSQ1dJUEhjUHRYZC5tRklFeTBJV2pMaHZtUnlVJnRpZD05NGEzYTgzYzczMmM0OTJhOTEwNGU4MzNiYjWiRmE2Nw%3D%3D&browser=chrome
I’ve figured the confno
, pwd
, browser
params, but not sure what confid
is and if its optional or not.
On further inspection I found that confid
is just urlSchemeSignature
, jmfId
, and unifiedTrackingId
encoded in base64.
Can anyone give clarity regarding these fields and their use?
Thanks.