JWT token Expiration Time

Description
I have been recently started using JWT token for some automation and faced an issue where the JWT token time, even after customization, expired within the default 90 min timeline.

Error
API key expired in 90 minutes when the expiration time was 180 minutes.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT App type

Additional Details - After updating the expiration time, if I expand the collapsible View JWT Token, the Expire in time is selected as default 90 minutes.

Thank you for help in advance and pardon the naivety in case if I am missing the basic nuance here.

Regards
Rajat

1 Like

Hi @rajat_pandey,

Welcome to the community!

Are you generating the JWT token through the Zoom interface, or on your own secure server?

Either way, please generate a new JWT with an expiry longer than 90 minutes and share a screenshot of the payload results from https://jwt.io/ - be sure to redact any secret information.

Thanks,
Alex

1 Like

Thanks for the prompt response @alexmayo

The payload details are as below:

{
“typ”: “JWT”,
“alg”: “HS256”
}

{
“aud”: null,
“iss”: “VSX_cvyxTg26063rnXX34w”,
“exp”: 1619529533, - Tue April 27 2021 18:48:53 GMT +5:30 IST
“iat”: 1619524133 -Tue April 27 2021 17:18:53 GMT +5:30 IST
}

The issue I see here is every time I regenerate the token the default expiration time is set to 90 minutes.

Kindly let me know if these details are suffice.

Regards
Rajat

Hey @rajat_pandey,

Are you generating your token from the Zoom UI? If so, can you please make sure that even after you select “Other” or a time period longer than 90 minutes, that you’re copying the token below after? The token will update dynamically after you select the expiration time, and you need to copy it at that time. Once you navigate away, the token will default back to 90 minutes.

Thanks,
Will

Thanks @will.zoom

I actually was getting confused with the immediate rollback to 90 minutes.
Just checked that before leaving the screen, the generated token is valid for a week, as selected.

Thanks for the quick help, just out of curiosity, is there a specific reason to reverting it back to the default immediately or a default feature.

Regards
Rajat

Hey @rajat_pandey,

No problem, glad I could help clarify. The intention here is to have a default token with a short expiration, as a best practice.

Thanks,
Will