Linux Meeting SDK SDKAuth returns AUTHRET_JWTTOKENWRONG even with valid General App JWT

Hello Zoom Team,

We are testing the Zoom Meeting SDK for Linux for a local POC.

SDK / App setup:

  • SDK: zoom-meeting-sdk-linux_x86_64-7.0.5.3527

  • App type: General App

  • Local Test: Ready and app added/authorized

  • Meeting SDK enabled under Embed

  • Linux-x86_64 selected

  • Programmatic Join enabled

  • Scopes added:

    • user:read:zak

    • user:read:token

  • Client ID starts with: ojIvQ2...

  • Client Secret length: 32 characters

Issue:

SDK initialization succeeds, but SDK authentication fails.

Terminal output:

InitSDK result=0
CreateAuthService result=0
Auth SetEvent result=0
C++ received JWT length=240
C++ received JWT dot_count=2
SDKAuth result=0
Waiting for SDK auth callback using GLib main loop...
Auth callback onAuthenticationReturn ret=11
SDK authentication failed. AuthResult=11

As per the Linux Meeting SDK enum, ret=11 means AUTHRET_JWTTOKENWRONG.

What we already verified:

  • JWT is signed with HS256

  • appKey matches the General App Client ID

  • Client Secret is from the same new General App

  • JWT signature validates locally

  • C++ receives the full JWT correctly

  • SDKAuth() call itself returns 0

  • Failure occurs only in onAuthenticationReturn

  • We tested both:

    • app-auth-only payload: appKey, iat, exp, tokenExp

    • meeting payload: appKey, mn, role, iat, exp, tokenExp

  • We also tested variants with sdkKey, but all return ret=11

  • We tested a fresh extracted Linux SDK folder downloaded from the same app page

  • Meeting ID is a real numeric meeting ID, not placeholder text

  • This happens before the meeting join step, so ZAK/OBF logic has not yet been reached

JWT payload example, masked:

{
  "appKey": "ojIvQ2...NYBw",
  "mn": "94311453476",
  "role": 0,
  "iat": 1781687431,
  "exp": 1781694631,
  "tokenExp": 1781694631
}

Questions:

  1. Should a General App Client ID/Client Secret authenticate successfully with Linux Meeting SDK v7.0.5.3527 using SDKAuth()?

  2. Is there any additional backend enablement needed for Linux Meeting SDK authentication?

  3. Does the Zoom SDK Universal Credit package need to be purchased/activated before SDKAuth() succeeds?

  4. Is AUTHRET_JWTTOKENWRONG expected if the account does not yet have SDK entitlement activated?

  5. For Linux Meeting SDK native C++, should the JWT contain only appKey, iat, exp, tokenExp, or should it also include mn and role?

Please help us identify whether this is a credential/app entitlement issue or a Linux SDK authentication issue.

Regards,
Akash

Update:

We verified the exact sdkKey-only JWT payload and server time.

Payload decoded from the actual JWT being passed into Linux SDK:

{
  "sdkKey": "ojIvQ2w7SseKabWaFWNYBw",
  "iat": 1781689300,
  "exp": 1781696500,
  "tokenExp": 1781696500
}

Payload keys are only:

sdkKey, iat, exp, tokenExp

Server time check:

date -u: Wed Jun 17 09:42:35 AM UTC 2026
python epoch: 1781689355
python utc: 2026-06-17 09:42:35

So the server clock is correct and the JWT is not expired or future-dated.

Result is still:

SDKAuth result=0
Auth callback onAuthenticationReturn ret=11
SDK authentication failed. AuthResult=11

Can Zoom confirm whether the Development Client ID/Client Secret for this General App is valid for Linux Meeting SDK SDKAuth() in Local Test mode, or whether there is any backend/app configuration issue?

@akash9 how does your JWT token looks like?

Our current JWT is an HS256 signed token generated using the General App Development Client ID and Development Client Secret.

I am not sharing the full JWT/signature publicly, but this is the decoded structure of the exact token passed to SDKAuth():

{
  "header": {
    "alg": "HS256",
    "typ": "JWT"
  },
  "payload": {
    "sdkKey": "ojIvQ2w7SseKabWaFWNYBw",
    "iat": 1781689300,
    "exp": 1781696500,
    "tokenExp": 1781696500
  }
}

Token details:

JWT length: 203
payload keys: ['sdkKey', 'iat', 'exp', 'tokenExp']
iat: 2026-06-17 09:41:40 UTC
exp/tokenExp: 2026-06-17 11:41:40 UTC
expiration window: 2 hours
server UTC time during test: 2026-06-17 09:42:35 UTC

The token format is:

xxxxx.yyyyy.zzzzz

C++ receives it correctly:

C++ received JWT length=203
C++ received JWT dot_count=2
SDKAuth result=0
Auth callback onAuthenticationReturn ret=11

We also tested the appKey version earlier:

{
  "appKey": "ojIvQ2w7SseKabWaFWNYBw",
  "iat": 1781689300,
  "exp": 1781696500,
  "tokenExp": 1781696500
}

and the result was also ret=11.

So currently both sdkKey-only and appKey-only payloads fail with AUTHRET_JWTTOKENWRONG.

@akash9 I’ll PM you for the JWT Token

solved: iat was set in the future
solution: ensure that iat in the JWT payload is slightly in the past.