JWT token security

I’m planning on using JWT to access the zoom api on my website. I have some concerns around the security that I’m hoping someone can help me out. If the jwt token is a part of the http request wouldn’t it show up in chome developer tools for example? Then a user could technically take that token and do anything with the api until that token expires. How do I protect against this?

Hey @rgood

Thanks for posting on the Zoom Devforum! I am still learning, but I will try my best to help answer your question. :slightly_smiling_face:

Checkout these related threads that may have the answer you are looking for:

If these threads did not help, please let us know by replying back here and someone from the Developer Relations team will get back to you shortly.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.