How long is the signature valid?

Hello

When creating a Web SDK App we have to generate a signature.
How long is this signature valid? Is it possible to set this on generation?

What happens if the signature expires while a participant is still in the meeting?

Thanks
David

Hi @Videda,

Signatures expire 24 hours after creation. Since signatures are only used to join/start meetings, there will be no degredation in functionality if a signature expires while the meeting is ongoing, since it will already have been joined.

It isn’t possible to alter how long a signature lasts currently.

Thanks,
Alex

1 Like

Thank you for your input @alexmayo! Let me know if you have any questions @Videda.

Thanks,
Max

Hey @alexmayo

Thanks for your quick reply!

Do you know if there is some documentation on this?

Unfortunately I observed that when a participant is added to a breakout room after his signature has expired, then he gets an error message (pop-up with the message: “The signature has expired.”) and is not able to continue the meeting.
So this would mean that the signature needs to be valid for the whole duration of the meeting. Is this true?

In the [documentation on generating the signature][1] no JWT is used but instead the API Key and API Secret are used directly. Is there also a possibility to use a JWT to create a signature?

In the example code in the [documentation][1] the timestamp is created as follows

// Prevent time sync issue between client signature generation and zoom 
const timestamp = new Date().getTime() - 30000

So is it valid to just shift the timestamp further back to reduce it’s lifetime?
E.g. to obtain a signature that expires in 4h use:

const timestamp = new Date().getTime() - (20 * 60 * 60 *1000)

Thanks
David

1 Like

Hi @Videda!

It’s not written in the documentation however @tommy did mention this a while ago on this forum. It’s probably worth adding it to the docs, as it is useful to know. See: ZoomMtg.join() returns “The signature has expired.” help me please - #28 by tommy

Maybe create a post in #feature-requests if you think adjusting the signature TTL is required :slight_smile:

Ah right yes, since the breakout room is effectively a new meeting, the signature will still need to be valid for breakout rooms to work. Other meeting functionality should remain working though, such as video, audio and screen share.

Apologies I mis-spoke here. You use the JWT Key and Secret to create the signature, not the token itself.

Thanks,
Alex

1 Like

Thank you again for your input here @alexmayo!

Max

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.