Meeting SDK Web – Whiteboard blocked: us06nws.zoom.us DAS API CORS missing for domain and localhost (join OK, SDK 3.12 / 6.0.2)

Hi Team,

We embed Zoom Meeting SDK for Web (Client View) in our learning platform. Joining meetings works, but in-meeting whiteboard fails in all environments(When opening whiteboard meeting closed for meeting joinees).

The browser blocks cross-origin calls from our app to Zoom’s whiteboard DAS service on us06nws.zoom.us because the OPTIONS preflight response does not include Access-Control-Allow-Origin (and related CORS headers).

This issue started around last week (approximately 16/May/2026). It affects production, QA, dev, and local development. We only changed Kubernetes ingress in production; QA/dev were unchanged. The same error occurs locally with the latest Meeting SDK (6.0.2) and on production with SDK 3.12.0, so we believe this is a Zoom us06nws DAS / CORS configuration or regression, not our reverse proxy

Affected origins (domains)

Our learners join meetings from these origins (HTTPS unless noted):

Please enable / restore CORS for Meeting SDK embedded whiteboard for all production *.myedusite.com and web.wayvida.com origins we use for in-meeting join.

SDK / environment

Expected behavior

Whiteboard should load and DAS APIs should be callable from our embedded origins without CORS errors (as before [insert date when it last worked]).

Actual behavior

UI: “Failed to retrieve user information” / “Unable to load this whiteboard” / connection error (e.g. s-code-a93b4930c3-…).

Browser console (representative):

Access to fetch at ‘https://us06nws.zoom.us/nws/das/api/v2/users’

from origin ‘https://wta.myedusite.com’ has been blocked by CORS policy:

Response to preflight request doesn’t pass access control check:

No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Same pattern from http://localhost:5173:

from origin ‘http://localhost:5173’ … us06nws.zoom.us/nws/das/api/v2/users … No ‘Access-Control-Allow-Origin’

Follow-on SDK errors:

• get confId or mmrToken failed (whiteboard-sdk.js)

• Failed to fetch (comment-ui-deps-*.js)

• GET …/api/v2/users net::ERR_FAILED

Failing endpoints (all on https://us06nws.zoom.us)

• OPTIONS / GET /nws/das/api/v2/users

• OPTIONS / GET /nws/das/api/v1/user/settings/key?key=canvas_setting

• OPTIONS / GET /nws/das/api/v1/user/settings/key?key=toolbar_setting

• OPTIONS / GET /nws/das/api/v1/documents/{docId}/meeting/detail?confId={confId}&mmrToken=…

Preflight fails: no Access-Control-Allow-Origin on OPTIONS response. Some GETs may return 200 but are unreadable by JavaScript due to CORS.

What works vs what fails

Whiteboard in the native Zoom desktop client for the same meeting: **[Yes / No – please fill in after test]

Request**

Please confirm whether CORS for Meeting SDK embedded whiteboard on us06nws.zoom.us DAS API v1/v2 is correctly configured for:

• https://web.wayvida.com

• Our learner join domains on *.myedusite.com (including https://wta.myedusite.com)

• Guidance for local dev (http://localhost:5173) if supported

If this is a known regression, please provide ETA or workaround.

We can provide HAR files, screenshots, and additional *.myedusite.com hostnames on request. Auth tokens (wbk, cgk, mmrToken) are sent by the SDK; not included in this ticket.

Contact

• Name: Vishnu Gopal

• Email: vishnu.gopal@wayvida.com

• Zoom account / Marketplace app: Wayvida-Live / ObZvSj9tQpG5BeQpwKWauw

• Company: Wayvida