Invalid signature using Web SDK

working on a simple page using Web SDK to join a meeting, getting invalid signature error after trying various methods of generate the signature. Could anyone please help to see what could be the reason? Thanks in Advance!


  1. {method: “join”, status: false, result: “Invalid signature.”, errorMessage: undefined, errorCode: 3712}
  2. errorCode: 3712
  3. errorMessage: undefined
  4. method: “join”
  5. result: “Invalid signature.”

Which Web Client SDK version?
using latest 1.9.1 web sdk through CDN

Device (please complete the following information):

  • Browser: [Chrome]

Additional context
using SDK credentials
meetingID: [REDACTED]
signature generated using the node.js from: [REDACTED]

signature generated using ZoomMtg.generateSignature(): [REDACTED]

Hey @russliu,

Thank you for reaching out to the Zoom Developer Forum. It looks like you’re using an SDK key and secret. When it comes to the Web SDK, make sure that you are using a JWT App’s API Key and Secret.

Let me know if that helps.


1 Like

Also getting this.

I have tried signature generation from:

I have tried my keys from:

  • an SDK Zoom App
  • a JWT Zoom App

I’ve also tried the code from

Man, that’s 3 different sources of un-truth for one API.

Hey @Michael_prox,

All three of the methods that you listed to generate a signature are valid so there might be something else going on here. Please send an email to with a link to this thread.

In that ticket, please include the signature that you’re using when you see this issue. I’ll be sure to follow up with you there.


I was still using the SDK keys on the front-end. It works with JWT keys for front and back end.
Which is BAFFLING by the way and the docs are not remotely clear on this; what are SDK apps even for if not… to use the SDK?

1 Like

Hey @Michael_prox,

I’m glad to hear that you got it working. I agree that our documentation around this is confusing and it’s something we are working on improving. To clarify, the SDK App type is used for the other Client SDKs (macOS, iOS, Windows, Android). However, when it comes to the Web SDK, we use JWT credentials.

I definitely understand how that can be confusing. Let me know if you have any questions.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.