We have a web application that is responsible for creating meetings through the API, in addition to delivering the meeting links to 2 entities, one would be the administrator and the other someone (client).
for the client we use, the value of join_url and for the administrator we use start_url, these parameters come in the call of the zoom API
In both cases we use an iframe to lift the call without the user being able to see the zoom view, in which case the only thing they can see is the alert when the application opens.
The problem is right when we try to raise the meeting from the administrator’s side, since it asks us to authenticate the administrator (it is what appears in the iframe), but due to the nature of the product we cannot authenticate the same in this iframe.
We need a way in which we can lift the call without the need to authenticate the administrator user, when he enters the link (when the iframe loads) or in that case a way to call the zoom application directly from the browser
It is important to note that we cannot or should not use a new browser tab (obviously it would work), because we are forced to only use the current tab
We are using the zoom API, from a node.js server where we only do the query with the JWT and create the call, then from there everything happens to the browser