Missing auto-generated password when creating meetings through API for specific user

Description
We have a web app that creates meetings for our customers using their zoom account. We create scheduled meetings (type 2)

Error
We have a specific customer whose meetings are created with a password but the response payload from the API is returned without a password and the url to connect also does not contain the password. Only when actually trying to connect to the meeting is the password required but we dont know it.
The customer has shown us that his account security settings require a password for all meetings.
According to your latest announcement in https://marketplace.zoom.us/docs/guides/stay-up-to-date/announcements#passcode-and-wr-changes it is possible his settings are in the scenario #6, but the document does not state whether the password is autogenerated in this case.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth

Which Endpoint/s?
api.zoom.us/v2/users/me/meetings

How To Reproduce (If applicable)
Steps to reproduce the behavior:

1. Request URL / Headers (without credentials) / Body
2. See error

Screenshots (If applicable)
User security settings

user_settings2080×1272 234 KB

Hey @yariv,

Is it possible to share the full request URL/body and response for your use case? I’m happy to take a closer look.

Thanks,
Will

Hi,
The request URL:
POST https://api.zoom.us/v2/users/me/meetings

Request Headers:
Authorization -> Bearer <TOKEN>, Content-Type -> application/json

Response:
{“uuid”:“Q9KC9LBrRE2akZuVgRmOvw==”,“id”:87613749994,“host_id”:“LcrY802LQOaPwWvpIMDJpw”,“host_email”:"<customer_email>",“topic”:“PILATES Level 2”,“type”:2,“status”:“waiting”,“start_time”:“2020-10-29T18:30:00Z”,“duration”:60,“timezone”:“Europe/London”,“created_at”:“2020-10-06T05:42:54Z”,“start_url”:“https://us02web.zoom.us/s/87613749994?zak=<TOKEN>”,“join_url”:“https://us02web.zoom.us/j/87613749994",“settings”:{“host_video”:true,“participant_video”:true,“cn_meeting”:false,“in_meeting”:false,“join_before_host”:false,“mute_upon_entry”:false,“watermark”:false,“use_pmi”:false,“approval_type”:2,“audio”:“both”,“auto_recording”:“none”,“enforce_login”:false,“enforce_login_domains”:"",“alternative_hosts”:"",“close_registration”:false,“registrants_confirmation_email”:true,“waiting_room”:true,“request_permission_to_unmute_participants”:false,“global_dial_in_countries”:[“US”],“global_dial_in_numbers”:[{“country_name”:“US”,“number”:"+1 6699009128”,“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 2532158782",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3462487799",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 6465588656",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3017158592",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3126266799",“type”:“toll”,“country”:“US”}],“registrants_email_notification”:true,“meeting_authentication”:false}}

Thanks for your help in this matter!

Hey @yariv,

Can you please share the request body you’re passing as well?

Thanks,
Will

Sure, its:
{“topic”:“PILATES Level 2”,“start_time”:“2020-10-29T18:30:00.000”,“duration”:60,“timezone”:“Europe/London”,“id”:null,“start_url”:null,“join_url”:null,“password”:null}

Hi @yariv,

Thanks for sharing that. In taking a look at the host’s account, it appears that their meeting settings are such that a meeting passcode would not be provided in the API response. I believe this scenario is covered in Scenario 5 in our API Behavior Chart here:

Let me know if this helps to clarify!

Best,
Will

Thanks Will!
However the situation here seems to be different than the expected result, since while we do not get the password in the API response, and the join link does not contain it either, when trying to connect to the meeting it does require a password (which we do not know…)
Is it possible that the password is applied for the meeting but simply not returned in the response? If so would calling the GET endpoint for the meeting retrieve the password?
Thanks

Hey @yariv,

Thanks so much for clarifying that, and my apologies for not catching that before. Is it possible to share a screenshot of the password being required for this meeting (87613749994) when a user goes to join?

Thanks,
Will

Hi Will,
Unfortunately we do not have a screenshot of that for this specific meeting, however we have another customer that experienced the same issue for meeting https://us02web.zoom.us/j/82603205938 which took place on Oct. 8th.
In the API response we did not get a password:
response: {“uuid”:“h5aFhUQ9Ru6JWTMFLXVM5w==”,“id”:82603205938,“host_id”:“0tFP6bzITjSnKvYd7zBYlQ”,“host_email”:“customer email”,“topic”:“MANLATES ONLINE”,“type”:2,“status”:“waiting”,“start_time”:“2020-10-08T17:00:00Z”,“duration”:60,“timezone”:“Europe/London”,“created_at”:“2020-10-05T18:13:49Z”,“start_url”:“https://us02web.zoom.us/s/82603205938?zak=eyJ6bV9za20iOiJ6bV9vMm0iLCJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJjbGllbnQiLCJ1aWQiOiIwdEZQNmJ6SVRqU25LdllkN3pCWWxRIiwiaXNzIjoid2ViIiwic3R5IjoxMDAsIndjZCI6InVzMDIiLCJjbHQiOjAsInN0ayI6ImRwTVYzclcxbUdmcjg0VHhvZ19HSnNnZklMa3JMNlQyNEtvS3R3ZXFrNzAuQmdVZ1MzVjZNbmw0T1RsU1NucHVaVGgyVW5kSmRGaDVNRFozYnpOSlRETXpiMFpBWmprME1HWTNaR1JpTkdaaE5qZzNNelJsWTJZNE56QXpaV0UxTldJME9EZGtPVGt5WWpJNVpUUTRZamRsTkRObFlUbGlNekkzTnpGa1lqZ3lZV1EyTWdBTU0wTkNRWFZ2YVZsVE0zTTlBQVIxY3pBeSIsImV4cCI6MTYwMTkyODgyOSwiaWF0IjoxNjAxOTIxNjI5LCJhaWQiOiIyQ19WaWFabFNvU2tJRS1xNERZMEJnIiwiY2lkIjoiIn0.mE2_2SogSOVNGYzq_6H9FSCDNEv6qhT1uZQpa3ctJms",“join_url”:“https://us02web.zoom.us/j/82603205938”,“settings”:{“host_video”:true,“participant_video”:false,“cn_meeting”:false,“in_meeting”:false,“join_before_host”:false,“mute_upon_entry”:true,“watermark”:false,“use_pmi”:false,“approval_type”:2,“audio”:“both”,“auto_recording”:“local”,“enforce_login”:false,“enforce_login_domains”:"",“alternative_hosts”:"",“close_registration”:false,“registrants_confirmation_email”:true,“waiting_room”:true,“request_permission_to_unmute_participants”:false,“global_dial_in_countries”:[“US”],“global_dial_in_numbers”:[{“country_name”:“US”,“number”:"+1 6699006833”,“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 2532158782",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3462487799",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 9292056099",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3017158592",“type”:“toll”,“country”:“US”},{“country_name”:“US”,“number”:"+1 3126266799",“type”:“toll”,“country”:“US”}],“registrants_email_notification”:true,“meeting_authentication”:false}}

however the email from zoom for the scheduled meeting sent to the user did contain a passcode:

Join Zoom Meeting

When our support rep tried to connect to the meeting it required a passcode:

image828×780 48.9 KB

BTW, the customer has indicated that he has waiting room disabled and passcode enabled in his zoom account’s security settings

Hi @yariv,

Thank you for providing all of these details. We’re looking into this for you. (ZOOM-206576).

I’ll be in touch,
Will

Hi Will,
Any update on this issue?
Thanks

Hey @yariv,

This is actually by design if the passcode required setting is not locked at the account level, or if the waiting room required setting is locked at the account level. We do have a feature request in our backlog for an option to have the Create Meeting API automatically generate the passcode. (ZOOM-201605)

In the meantime, you can use the Get User Settings API to get the passcode requirements, and then set the passcode yourself when calling the Create Meeting API.

Let me know if that makes sense!

Thanks,
Tommy

As far as I could understand from the API documentation, the scenario you are describing should lead to the meeting being created WITHOUT a password (and then it is obviously not going to be in the API response), but what we are experiencing is different - meetings are created WITH a password (user is prompted for password when connecting via join url), but the password is not included in the API response (not in the url or on its own), so the user can’t login… Is this behaviour by design?

Hi @yariv,

After checking with our team, this is expected behavior. Even if you provide a valid password value when creating a meeting in this scenario, it will not be returned. That said, I understand the issue this creates, and as Tommy mentioned, we do have a feature request in for this.

Thanks,
Will

Hi Will,
Thanks for confirming this is expected behaviour.
We are considering a possible mitigation from our side and wanted to verify with you it should work:

Scenario: meeting is created with an autogenerated password implicitly but the password is not returned in the API response

Mitigation:
When meeting response contains no password:

1. Call GET /meeting api for the meeting id and check response
2. If GET response contains password save it on our side for the meeting that was just created (If it does not it means the meeting really has no password)

Will calling GET /meeting for the meeting that was just created return the autogenerated password in the response?

Hi @yariv,

That’s correct, if the meeting has a passcode set, it will be returned by the GET Meeting API request.

Let me know if you run into any other questions!
-Will

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.