Invalid Signature Web SDK

API and Webhooks Meetings
1

Hi

I can’t seem to solve this invalid signature issue. I use the ZoomClient API to successfully create a scheduled meeting. I am trying to use the function below to create a signature to start the meeting, but I keep getting an invalid signature error. I’m using the web (component view). My credentials are Server-To-Server OAuth. Please help. I appreciate help from any body. Thanks

function generateSignature(key, secret, meetingNumber, role) {
const iat = Math.floor(Date.now() / 1000) - 30;
const exp = iat + 60 * 60 * 2;

const oHeader = {
    alg: "HS256",
    typ: "JWT"
};

const oPayload = {
    appKey: key,
    sdkKey: key,
    meetingNumber: meetingNumber,
    role: role,
    iat: iat,
    exp: exp
};

// Define the HMACSHA256 function inline
function HMACSHA256(key, message) {
    const hash = CryptoJS.HmacSHA256(message, key);
    return CryptoJS.enc.Base64.stringify(hash);
}

// Create the encoded header and payload strings
const encodedHeader = btoa(JSON.stringify(oHeader));
const encodedPayload = btoa(JSON.stringify(oPayload));

// Generate the signature using HMAC SHA-256
const signature = HMACSHA256(secret, encodedHeader + "." + encodedPayload);

return signature;

}

async function initializeZoomMeeting() {
const client = ZoomMtgEmbedded.createClient();
const meetingSDKElement = document.getElementById(‘meetingSDKElement’);
const sdkKey = getCookie(“sdkKeyCookie”);
const secret = getCookie(“secretCookie”);
const mn = getCookie(“meetingIDCookie”)
client.init({ zoomAppRoot: meetingSDKElement, language: ‘en-US’ });
const generatedSignature = generateSignature(
sdkKey,
secret,
mn, // Meeting Number
1 // Role (0 for a host, 1 for a participant)
);

try {
    client.join({
        sdkKey: clientID,
        signature: generatedSignature, // role in SDK signature needs to be 1
        meetingNumber: getCookie("meetingIDCookie"),
        password: meetingPassword,
        userName: email,
        zak: zakToken
    })
    
} catch (error) {
    console.error('Error:', error);
}

}

// Initialize Zoom Meeting on page load.
initializeZoomMeeting();

2

@chuxyno to join Meeting with Meeting SDK, you need to use the ClientId and ClientSecret from a Meeting SDK App type instead of Server to Server Oauth app type

3

Thanks Chun. Does this mean I need to use both auth, or discard Server to Server Oauth for Meeting SDK auth?

4

@chuxyno you will need to use S2S OAuth for your API access, and Meeting SDK Credentials for Meeting SDK Auth.

There will be 2 apps.

5

Thanks. Will try it now

6

Hi Chung

Can you give me a pointer on this problem? Will I create a webinar with S2S Oauth, and start and join the webinar with the Meeting SDK Auth?

I can’t seem to be able to create a meeting with Meeting SDK Auth. Generating access tokens kept failing with the authorised code.

I’ve used the Meeting SDK Auth ID and secret to try starting the meeting, but I still get an invalid signature.

Can I see sample codes to create, start, and join webinars?

7

Hi Chung

I created a webinar with S2S credentials (I haven’t been able to do the same with the Meeting SDK). I tried to start a webinar with Meeting SDK credentials but still got an invalid signature.

8

@chuxyno , are you using the Web version of Meeting SDK?

If you are using Client View to join Webinar

If you are using Component View to join Webinar

9

Hi Chun

It’s been a week now since I’ve been on this invalid signature issue. I haven’t been able to move forward with my project. I had seen the links you sent before you sent them. How can I share my method of generating the signature, starting the webinar, and also my client ID and secret to help locate the problem? I’m using the Meeting SDK (web-compliant view) for starting and joining the webinar. I used S2S to create it.

10

This thread is in PM follow up.

The solution to the thread is to use the sample from Meeting SDK Auth