Missing clientid Header

Webhook event

I have an chat application, I want to receive a chat notification. I’ve created an subscription pointed on my URL and push ‘Validate’ button. I expected to receive the clientid header, contains ‘The client ID of your Marketplace application.’. But there is no such header. Am I missing something?

Following https://marketplace.zoom.us/docs/api-reference/webhook-reference/#request-headers

@elisa.zoom could you please comment on this?
We can’t validate our app’s urls because of this.

Thank you

Hi @tolikbotov
To validate the URL you do not need the client ID header.

Here is an example in Node.js on how to validate the URL

const crypto = require('crypto')

// Webhook request event type is a challenge-response check
if(request.body.event === 'endpoint.url_validation') {
  const hashForValidate = crypto.createHmac('sha256', ZOOM_WEBHOOK_SECRET_TOKEN).update(request.body.payload.plainToken).digest('hex')

    "plainToken": request.body.payload.plainToken,
    "encryptedToken": hashForValidate

Hello @elisa.zoom . I understand that this header is not used for validation.
We want to select appropriate application settings by clientid.

Let’s say we have more than one Zoom settings, and when validation event comes we need to choose somehow one of Zoom setting.

I have a similar issue. I maintain a service that needs to accommodate multiple Zoom applications. I need to use the clientid to know which Zoom application my service is validating.

@elisa.zoom FYI, I am using a Server-to-Server app. Do I need to have a private Marketplace app for this use case?

Hi @shanecav
When you validate an endpoint URL, you wont get the client ID in the headers.
The client ID value will be in the headers when you receive the event you are subscribed to.


I see that now. Seems odd that the validation request contains every other expected Zoom header except clientid, which I was assuming would be included when I initially set things up. I now need to figure out to reconfigure my app so it can be used by multiple Zoom accounts just because of the validation step.