Description
When I use the JWT token provided by the Zoom App Credentials page, cURL commands work as expected.
When I modify the “exp” date using JWT.io, I get an “invalid HmacSHA256” error msg.
When I paste the JWT token created in the Zoom App Credentials page into JWT.io’s “Encoded” window and modify the payload by updating the “exp” value in the “Decoded” window, I get the following error using the new encoded JWT token string:
Error {"code":124,"message":"The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA256"}
Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT
Which Endpoint/s?
All of them.
How To Reproduce (If applicable)
Steps to reproduce the behavior:
Additional context
The cURL command works just fine using the JWT token provided by the Zoom App Configuration page. If I cannot customize the JWT token expiration value with JWT.io, why should I expect their libraries to work?
Happy to help! You can use something like https://www.unixtimestamp.com/ to convert the time you want to IAT format and paste that value in the payload or the bearer token on jwt.io.
It’ll update the encoded bearer token with the new time value.
@gianni.zoom thanks. Isn’t it just epoch time? E.g. to set a valid future date, just make the exp date a larger integer than the iat date? I.e. do I need another service to create a valid date? I don’t think do, especially since the JWT.io has a human readable interpretation of the epoch time value entered for the exp time (just hover the cursor over it).
I’m pretty sure a valid exp value is not the problem here, e.g. you could just advance the left-most integer by one to create a valid future date value.
The problem is that the resulting JWT isn’t valid (even though the components encoded are).