Invalid signature - python 3

Hi there,

I have created a function to generate signatures using python 3, but I’m getting an invalid signature when I create a signature and try to join the meeting.

I have followed this link to create a signature but still not working,
generate signature

please refer to the code below

import hashlib
import hmac
import base64
import time

def generateSignature(request):

    data =
    print('data', data)

    meetingNumber = data.get('meetingNumber', None)
    role = data.get('role', None)

    print('meetingNumber', meetingNumber, role)

    if not meetingNumber:
        return {
            'code': 400,
            'msg': 'bad request'

    ts = int(round(time() * 1000)) - 30000
    msg = SDK_KEY + str(meetingNumber) + str(ts) + str(role)
    message = base64.b64encode(bytes(msg, 'utf-8'))
    secret = bytes(SDK_SECRETE, 'utf-8')
    hash =, message, hashlib.sha256)
    hash =  base64.b64encode(hash.digest())
    hash = hash.decode("utf-8")
    tmpString = "%s.%s.%s.%s.%s" % (SDK_KEY, str(meetingNumber), str(ts), str(role), hash)
    signature = base64.b64encode(bytes(tmpString, "utf-8"))
    signature = signature.decode("utf-8")
    return signature.rstrip("=")


    "method": "join",
    "status": false,
    "result": "Invalid signature.",
    "errorMessage": "Signature is invalid.",
    "errorCode": 3712

Please help with this, thanks

the python 3 script in the documention creates a JWT Signature,
you need a SDK JWT Signature for the current version of meeting SDK

they are not compatible, here are more information

you can easily distinguish the signature routines:

  • JWT Signature (deprecated) → time in Milliseconds
  • SDK JWT Signature → time in Seconds

there is no example implementation for SDK JWT Signature in python until now,
but here is a javascript version - you have to translate it to python 3

Hi @j.schoenemeyer

I tried Javascript code provided in previous message. But when i test this code to generate signature, I’m keep getting error mac key shall be specified for HS* alg

below is code which I’m trying'/', (req, res) => {

  const iat = Math.round(new Date().getTime() / 1000) - 30;
  const exp = iat + 60 * 60 * 2

  const oHeader = { alg: 'HS256', typ: 'JWT' }

  const oPayload = {
    sdkKey: process.env.ZOOM_SDK_KEY,
    mn: req.body.meetingNumber,
    role: req.body.role,
    iat: iat,
    exp: exp,
    appKey: process.env.ZOOM_SDK_KEY,
    tokenExp: iat + 60 * 60 * 2

  const sHeader = JSON.stringify(oHeader)
  const sPayload = JSON.stringify(oPayload)
  const signature = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, process.env.ZOOM_SDK_SECRET)

    signature: signature

can you please help with this?

Also, I have followed the code to generate a signature as described here, but still it shows the invalid signature

pls refer below code,

  const meetingNumber = req.body.meetingNumber;
  const role = req.body.role;

  const timestamp = new Date().getTime() - 30000
  const msg = Buffer.from(ZOOM_SDK_KEY + meetingNumber + timestamp + role).toString('base64')
  const hash = crypto.createHmac('sha256', ZOOM_SDK_SECRET).update(msg).digest('base64')
  const signature = Buffer.from(ZOOM_SDK_KEY, meetingNumber, timestamp, role, hash).toString('base64')

    code: 200,
    signature: signature

here ZOOM_SDK_SECRET and ZOOM_SDK_KEY I have copied from Meeting SDK app we created on zoom developers account


    "code": 200,
    "signature": "ZGI1ZnkwN1ViclloUkFVR0V1NU9VbFJKSXZ6RE9Dam13bk0w"

you can check your signatur here

but first you should try the example on github

the CDN version is ready to use with a few simple steps

CDN/js/index.js:20 var SDK_KEY = "YOUR_SDK_KEY";
CDN/js/index.js:26 var SDK_SECRET = "YOUR_SDK_SECRET";
CDN/js/index.js:112 ... "/meeting.html?" // replace '/' with './'

CDN/js/meeting.js:31 leaveUrl: "/index.html", // replace '/' with './'

Update: here is a tutorial on youtube

I’m doing something like this

#pip3 install pyjwt
import jwt
import hashlib
import hmac
import base64
import time
def generateSignature(data,secret):
    encoded_jwt = jwt.encode(data, secret, algorithm="HS256")
    return (encoded_jwt);
if __name__ == '__main__':
    epoch_time = int(time.time())
    data = { "appKey": CLIENT_ID,
             "iat": epoch_time, 
             "exp": epoch_time_48hours_later, 
             "tokenExp": epoch_time_48hours_later,
    print (generateSignature(data,CLIENT_SECRET))

Thanks @chunsiong.tan I have made it work using the node server, I will try the python code that you have provided :grinning: