Jwt token creation error

Using this template helps us debug your issues more effectively :slight_smile:

I am trying to integrate zoom API with the Spring Boot application, If I use the JWT token created online and hard code it in the application I am able to send a request to the meeting creation API and create a new meeting successfully. I want to automate the JWT creation process but the JWT creation method throws an error and JWT creation fails and leads to application failure

The specified key byte array is 136 bits which is not secure enough for any JWT HMAC-SHA algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). Consider using the io.jsonwebtoken.security.Keys#secretKeyFor(SignatureAlgorithm) method to create a key guaranteed to be secure enough for your preferred HMAC-SHA algorithm. See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.
at io.jsonwebtoken.security.Keys.hmacShaKeyFor(Keys.java:96) ~[jjwt-api-0.11.2.jar:0.11.2]

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?

How To Reproduce (If applicable)
Steps to reproduce the behavior:

private String generateZoomJWTToken(){
String id = UUID.randomUUID().toString().replace("-", “”);
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
Date creation = new Date(System.currentTimeMillis());
Date expiry = new Date(System.currentTimeMillis()+(1000*60));
SecretKey key =
Keys.hmacShaKeyFor(zoomApiSecret.getBytes(StandardCharsets.UTF_8));//This line throws error

    return Jwts.builder()


Screenshots (If applicable)

Line no. 81 throws error

Additional context
Add any other context about the problem here.

Hi @zoom61 any links or solution for the problem would help

Hi @will.zoom can you help me with this? It has been 2 days but I have not received any response from the team.

Hi, @Zoom Team I was able to solve the issue. It was a typo issue.

1 Like

Happy to hear you were able to resolve it. :slight_smile:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.