How can we authenticate the webhook response coming from the Zoom?


#1

I have a requirement where I am getting all the details through the webhook when a meeting ends.

I have written a public web service which is being called from the Zoom and sends the webhook response to that particular URL when meeting finishes.

I want to authenticate the response that the response is coming from the connected Zoom org. Otherwise, anyone can post the request and change the data by calling the public service if he knows the public service URL.

Please help me with the authentication process to prevent any kind of attack.

Thank in advance!!!


#2

Hi Shrav, 

Are you using our webhooks from developer.zoom.us or using our new marketplace?


#3

Hi Shrav, 

You can authenticate using Authorization within the webhook response header. 

If you set your header using developer.zoom.us, you can see our docs here - https://developer.zoom.us/docs/webhooks-v2/

If you’re using our new marketplace, you can use this - https://marketplace.zoom.us/docs/docs/zoom-app-marketplace/webhooks/webhook-event-schemas/Payload-header. 

Thanks