JWT apps to be deprecated in favor of Server-to-Server OAuth

API and Webhooks Authentication
1

Today, I got an email from Zoom that included this:

JWT apps to be deprecated June 2023

The JWT app type will be completely deprecated as of June 2023. New and current users have 12 months to migrate their JWT based solutions to the Server-to-Server OAuth app type.

Action recommended: Create Server-to-Server OAuth app types to replace existing JWT app types. See the Changelog for details.

I clicked on the link to the changelog, but there wasn’t any information about this deprecation and change. Where can I find the details on the actions I’ll need to take?

1 Like
2

Hi @tedmyoung
Thanks for reaching out to the Zoom Developer Forum and for bringing this to our attention.
Allow me to reach out to the appropriate team and I will come back to you shortly.

Cheers,
Elisa

3

I’m also confused about the change. I don’t know if only the JWT app type in zoom marketplace will be depreciated or will the SDK JWT signature also be depreciated.

1 Like
4

I am also very interessted in the answer from Zoom regarding this.
For me, it seems so that the example included with the C# meeting SDK also is using JWT.

5

Same confused also by this - some .net examples would be nice also. We have some clients that have multiple levels of credentials depending how they are setup in zoom (i.e. large school districts) - will they have to create multiple service accounts?

6

@elisa.zoom Any update on this?

7

Haven’t got any such email yet, but will def need to know for my internal integrations.

8

Hi @tedmyoung
Thanks for your patience
We have released the new app Server to Server OAuth, that will eventually replace the JWT app.
Find the link to our docs here:

Best,
Elisa

9

Hi @elisa.zoom ,

I’ve been trying to use the new Server-to-Server authentication, sadly, after getting the token, I’m constantly getting a “Invalid api key or secret.” error when I try to use the “https://api.zoom.us/v2/users” endpoint.

10

@cesar1 interesting. How are you generating the token? make sure to add the scope needed to call that endpoint

11

@elisa.zoom I’m using the following endpoint to get the token: https://zoom.us/oauth/token?grant_type=client_credentials&account_id={account}

12

Hi @cesar1 could you please try changing the grant_type to account_credentials instead of client_credentials.

So your request should look something like this

zoom.us/oauth/token?grant_type=account_credentials&account_id={account_id}

Let me know if this helps

13

That works. For some reason yesterday that one didn’t work and that’s why I change it, but now is working. Thank you very much for your help @elisa.zoom

1 Like
14

Happy to hear that worked! @cesar1

15

Hi everyone,

I want to make sure I understood everything correctly.

I use zoom web SDK on my website. And I generate a JWT signature on my backend using the credentials from the SDK app created in the zoom marketplace.

The only thing that is depreciating is the JWT app type and not the JWT signature? Is that correct?

In the documentation here:

It is written:
"Q: What is being deprecated?

  • Meeting Web SDK apps that have not migrated to SDK + Oauth app type"

Does it mean the same as:
“Meeting Web SDK apps that have not migrated to SDK OR Oauth app type”

Thank you for your answers

16

Hi @kathrin ,

Yes that is correct. You will still be able to utilize SDK JWT credentials.

Gianni

17

Hi,
When will Server-to-Server OAuth be available for zoomgov.com?
Thanks,

18

Hey @ksks
I am trying to get more information on this for you.
I will come back with an update shortly.

Elisa

19

It would be great if you can also explain why this change

20

Hi @ripul.ryu

You will find all the information related to this deprecation here:

Cheers,
Elisa