Referring to this documentation: https://marketplace.zoom.us/docs/guides/auth/jwt
The sample provided for JWT being included as the Bearer for an API call has some consistency issues, or is missing information. Or I am completely missing something.
The guide indicates this:
A single JWT consists of three components: Header, Payload, and Signature with a
. separating each. For example:
The sample API code at the end shows the bearer value:
This bearer value does not have three distinct parts separated by periods as the JWT example above shows.
Here is a token generated by the JWT App interface:
(slightly modified to make it an invalid token)
This token does have three distinct parts separated by periods.
However, the documentation for generating a JWT token does not indicate that the Header and Payload need to be encoded. In fact, it clearly states:
Note: Though protected against tampering, the information contained in the Header and Payload is readable by anyone. Do not store confidential information in either of these elements.
So my questions!
- How do you encode the Header and Payload so it has the appearance of the JWT App generated JWT token and not plain text?
- How do you take the three (Header, Payload, Signature) and further encode them in a way that is comparable to the sample “Bearer” value? Or does that sample Bearer value have an invalid format?
No error, yet. Developing the integration.
Which App Type (OAuth / Chatbot / JWT / Webhook)?
How To Reproduce (If applicable)
Screenshots (If applicable)