Description
About two weeks ago I had an app successfully making API requests to Zoom using JWT which is now not working. I was able to take a look at an example of a failed API request using Fiddler and I saw that the response was a 401 Unauthorized with the body including the message
The Token can’t be used before Wed May 06 19:18:54 UTC 2020.
With Fiddler I could determine the JWT token my app generated and by entering the token into JWT.io I find that the value for nbf (not valid before) is
Wed May 06 2020 15:18:54 GMT-0400 (Eastern Daylight Time)
This is an exact four hour difference, which I’ve found consistent across other requests. Strangely, if I submit a similar API request (same endpoint, different body) using Postman, with the JWT token that my app generated, the call works as expected. The easiest solution would be to remove nbf from the JWT token, however the library I’m using (Microsoft’s IdentityModel framework) seems to have it’s own issues with that. Again, the app worked two weeks ago having nbf included.
So, in summary, my issue seems to be that the endpoint rejects my request due to the nbf value being later than the current time. However, I verified by looking at an intercepted request that the token has an appropriate nbf value.
If it helps, the endpoint I am requesting is https://api.zoom.us/v2/meetings/{meeting-id}/registrants
Screenshots (If applicable)
App HTTPS request
Postman HTTPS request