Missing auto-generated password when creating meetings through API for specific user

We have a web app that creates meetings for our customers using their zoom account. We create scheduled meetings (type 2)

We have a specific customer whose meetings are created with a password but the response payload from the API is returned without a password and the url to connect also does not contain the password. Only when actually trying to connect to the meeting is the password required but we dont know it.
The customer has shown us that his account security settings require a password for all meetings.
According to your latest announcement in https://marketplace.zoom.us/docs/guides/stay-up-to-date/announcements#passcode-and-wr-changes it is possible his settings are in the scenario #6, but the document does not state whether the password is autogenerated in this case.

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Request URL / Headers (without credentials) / Body
  2. See error

Screenshots (If applicable)
User security settings

Additional context
Add any other context about the problem here.

Hey @yariv,

Is it possible to share the full request URL/body and response for your use case? I’m happy to take a closer look.


The request URL:
POST https://api.zoom.us/v2/users/me/meetings

Request Headers:
Authorization -> Bearer <TOKEN>, Content-Type -> application/json

{“uuid”:“Q9KC9LBrRE2akZuVgRmOvw==”,“id”:87613749994,“host_id”:“LcrY802LQOaPwWvpIMDJpw”,“host_email”:"<customer_email>",“topic”:“PILATES Level 2”,“type”:2,“status”:“waiting”,“start_time”:“2020-10-29T18:30:00Z”,“duration”:60,“timezone”:“Europe/London”,“created_at”:“2020-10-06T05:42:54Z”,“start_url”:“https://us02web.zoom.us/s/87613749994?zak=<TOKEN>”,“join_url”:“https://us02web.zoom.us/j/87613749994",“settings”:{“host_video”:true,“participant_video”:true,“cn_meeting”:false,“in_meeting”:false,“join_before_host”:false,“mute_upon_entry”:false,“watermark”:false,“use_pmi”:false,“approval_type”:2,“audio”:“both”,“auto_recording”:“none”,“enforce_login”:false,“enforce_login_domains”:"",“alternative_hosts”:"",“close_registration”:false,“registrants_confirmation_email”:true,“waiting_room”:true,“request_permission_to_unmute_participants”:false,“global_dial_in_countries”:[“US”],“global_dial_in_numbers”:[{“country_name”:“US”,“number”:"+1 6699009128”,“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 2532158782",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3462487799",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 6465588656",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3017158592",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3126266799",“type”:“toll”,“country”:“US”}],“registrants_email_notification”:true,“meeting_authentication”:false}}

Thanks for your help in this matter!

Hey @yariv,

Can you please share the request body you’re passing as well?


Sure, its:
{“topic”:“PILATES Level 2”,“start_time”:“2020-10-29T18:30:00.000”,“duration”:60,“timezone”:“Europe/London”,“id”:null,“start_url”:null,“join_url”:null,“password”:null}

Hi @yariv,

Thanks for sharing that. In taking a look at the host’s account, it appears that their meeting settings are such that a meeting passcode would not be provided in the API response. I believe this scenario is covered in Scenario 5 in our API Behavior Chart here:

Let me know if this helps to clarify!


Thanks Will!
However the situation here seems to be different than the expected result, since while we do not get the password in the API response, and the join link does not contain it either, when trying to connect to the meeting it does require a password (which we do not know…)
Is it possible that the password is applied for the meeting but simply not returned in the response? If so would calling the GET endpoint for the meeting retrieve the password?

Hey @yariv,

Thanks so much for clarifying that, and my apologies for not catching that before. :slight_smile: Is it possible to share a screenshot of the password being required for this meeting (87613749994) when a user goes to join?


Hi Will,
Unfortunately we do not have a screenshot of that for this specific meeting, however we have another customer that experienced the same issue for meeting https://us02web.zoom.us/j/82603205938 which took place on Oct. 8th.
In the API response we did not get a password:
response: {“uuid”:“h5aFhUQ9Ru6JWTMFLXVM5w==”,“id”:82603205938,“host_id”:“0tFP6bzITjSnKvYd7zBYlQ”,“host_email”:“customer email”,“topic”:“MANLATES ONLINE”,“type”:2,“status”:“waiting”,“start_time”:“2020-10-08T17:00:00Z”,“duration”:60,“timezone”:“Europe/London”,“created_at”:“2020-10-05T18:13:49Z”,“start_url”:“https://us02web.zoom.us/s/82603205938?zak=eyJ6bV9za20iOiJ6bV9vMm0iLCJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjbGllbnQiLCJ1aWQiOiIwdEZQNmJ6SVRqU25LdllkN3pCWWxRIiwiaXNzIjoid2ViIiwic3R5IjoxMDAsIndjZCI6InVzMDIiLCJjbHQiOjAsInN0ayI6ImRwTVYzclcxbUdmcjg0VHhvZ19HSnNnZklMa3JMNlQyNEtvS3R3ZXFrNzAuQmdVZ1MzVjZNbmw0T1RsU1NucHVaVGgyVW5kSmRGaDVNRFozYnpOSlRETXpiMFpBWmprME1HWTNaR1JpTkdaaE5qZzNNelJsWTJZNE56QXpaV0UxTldJME9EZGtPVGt5WWpJNVpUUTRZamRsTkRObFlUbGlNekkzTnpGa1lqZ3lZV1EyTWdBTU0wTkNRWFZ2YVZsVE0zTTlBQVIxY3pBeSIsImV4cCI6MTYwMTkyODgyOSwiaWF0IjoxNjAxOTIxNjI5LCJhaWQiOiIyQ19WaWFabFNvU2tJRS1xNERZMEJnIiwiY2lkIjoiIn0.mE2_2SogSOVNGYzq_6H9FSCDNEv6qhT1uZQpa3ctJms",“join_url”:“https://us02web.zoom.us/j/82603205938”,“settings”:{“host_video”:true,“participant_video”:false,“cn_meeting”:false,“in_meeting”:false,“join_before_host”:false,“mute_upon_entry”:true,“watermark”:false,“use_pmi”:false,“approval_type”:2,“audio”:“both”,“auto_recording”:“local”,“enforce_login”:false,“enforce_login_domains”:"",“alternative_hosts”:"",“close_registration”:false,“registrants_confirmation_email”:true,“waiting_room”:true,“request_permission_to_unmute_participants”:false,“global_dial_in_countries”:[“US”],“global_dial_in_numbers”:[{“country_name”:“US”,“number”:"+1 6699006833”,“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 2532158782",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3462487799",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 9292056099",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3017158592",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3126266799",“type”:“toll”,“country”:“US”}],“registrants_email_notification”:true,“meeting_authentication”:false}}

however the email from zoom for the scheduled meeting sent to the user did contain a passcode:

Join Zoom Meeting

Meeting ID: 826 0320 5938
Passcode: 059623

When our support rep tried to connect to the meeting it required a passcode:

BTW, the customer has indicated that he has waiting room disabled and passcode enabled in his zoom account’s security settings

Hi @yariv,

Thank you for providing all of these details. We’re looking into this for you. (ZOOM-206576).

I’ll be in touch,

Hi Will,
Any update on this issue?

Hey @yariv,

This is actually by design if the passcode required setting is not locked at the account level, or if the waiting room required setting is locked at the account level. We do have a feature request in our backlog for an option to have the Create Meeting API automatically generate the passcode. (ZOOM-201605)

In the meantime, you can use the Get User Settings API to get the passcode requirements, and then set the passcode yourself when calling the Create Meeting API.


Let me know if that makes sense! :slight_smile:


As far as I could understand from the API documentation, the scenario you are describing should lead to the meeting being created WITHOUT a password (and then it is obviously not going to be in the API response), but what we are experiencing is different - meetings are created WITH a password (user is prompted for password when connecting via join url), but the password is not included in the API response (not in the url or on its own), so the user can’t login… Is this behaviour by design?

Hi @yariv,

After checking with our team, this is expected behavior. Even if you provide a valid password value when creating a meeting in this scenario, it will not be returned. That said, I understand the issue this creates, and as Tommy mentioned, we do have a feature request in for this.


Hi Will,
Thanks for confirming this is expected behaviour.
We are considering a possible mitigation from our side and wanted to verify with you it should work:

Scenario: meeting is created with an autogenerated password implicitly but the password is not returned in the API response

When meeting response contains no password:

  1. Call GET /meeting api for the meeting id and check response
  2. If GET response contains password save it on our side for the meeting that was just created (If it does not it means the meeting really has no password)

Will calling GET /meeting for the meeting that was just created return the autogenerated password in the response?

Hi @yariv,

That’s correct, if the meeting has a passcode set, it will be returned by the GET Meeting API request.

Let me know if you run into any other questions!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.