Invalid Signature during Review process

I’m trying to create a meeting with SDK. It is working OK with accounts linked to the dev account.
However during publish app review process, reviewer always gets “Signature is Invalid” error.
I sent request to open the application for test purposes, and was able to replicate the problem for account which is not linked to the dev account


  1. errorCode: 3712
  2. errorMessage: “Signature is invalid.”
  3. method: “join”
  4. result: “Invalid signature.”
  5. status: false


Additional context
Development account id:

Hey @RustamA, happy to help!

Can you share the code you are using to generate the signature?

Also, is the meeting you are trying to start owned by the same account as the Web SDK?


Hello @tommy!
Please find below code for signature generation (backend, c#)

Meeting is created & started by different account ( than account creating zoom app (

private static void AddSignature(ZoomMeeting meeting, int hostRole)
            static long ConvertToTimestamp(DateTime value)
                var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

                var elapsedTime = value - epoch;
                return (long)elapsedTime.TotalMilliseconds;
             static long ToTimestamp (DateTime value) {
                long epoch = (value.Ticks - 621355968000000000) / 10000;
                return epoch;
            var ts = (ToTimestamp(DateTime.UtcNow.ToUniversalTime()) - 30000).ToString();

            var signature = GenerateToken(meeting.Id, ts, hostRole);

            meeting.Signature = signature;
          static string GenerateToken (long meetingNumber, string ts, int role) {
            var message = $"{ApiKey}{meetingNumber}{ts}{role}";
            var encoding = new ASCIIEncoding();
            var keyByte = encoding.GetBytes (ApiSecret);
            var messageBytesTest = encoding.GetBytes (message);
            var msgHashPreHmac = System.Convert.ToBase64String (messageBytesTest);
            var messageBytes = encoding.GetBytes (msgHashPreHmac);
            using var hmacSha256 = new HMACSHA256 (keyByte);
            var hashMessage = hmacSha256.ComputeHash (messageBytes);
            var msgHash = System.Convert.ToBase64String (hashMessage);
            var token = $"{ApiKey}.{meetingNumber}.{ts}.{role}.{msgHash}";
            var tokenBytes = System.Text.Encoding.UTF8.GetBytes (token);
            return System.Convert.ToBase64String (tokenBytes).TrimEnd (Padding);

Hey @RustamA,

That is indeed the issue. Checkout this thread for more info:


Hello @tommy,
Thank you for reply.

Can you please provide any updates about this yours comment:

I will share this feedback with our team and see if we can expand the Web SDK authentication to allow authorized users to start their own meetings. (CS-2206)

Hey @RustamA,

You are welcome!

No updates so far other than we are in the planning stages of developing this feature.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.