My API_Key is not 22 characters, so why is the code checking this condition? It is 36 characters!

Description
When I try to use the web SDK sample, I get an error in the console.
{method: "join", status: false, result: null, errorMessage: "Api key length error, must 22", errorCode: 4003}

This error is also reported by others (though not the cause).

There is a hard coded check in zoom-meeting-1.7.8.min.js that asserts the API_Key is length 22. Maybe some API Keys are that length (22 characters), but all the API Keys on our account have length 36.

So because of Zoom’s bug, we cannot use the SDK unless we edit the file zoom-meeting-1.7.8.min.js.

After enduring Chrome devtool lags due to debugging long minified files, I located the cause (aided by the “must 22” error description logged). This is caused by code that checks API key length like this:

22!==Object(c.o)(i)?u="Api key length error, must 22"

This must be fixed. I know that some API keys are 22 length, others are 36. Any other possibilities? I don’t see any spec for API Key length. I edit the file zoom-meeting-1.7.8.min.js to correct this check

![22,36].includes(Object(c.o)(i))?u="Api key length error, must 22 or 36"

Now the web SDK code sample works.

Which version?
Web SDK 1.7.6, 1.7.7, 1.7.8

To Reproduce(If applicable)
Steps to reproduce the behavior:

  1. Run the Web SDK with a 36 length API_key

I also created a pull request on GitHub for this bug.

Hey @tanderson,

Make sure you are using a JWT App to get your API Key.

The SDK App Key won’t work and is longer than 22 characters.

Thanks,
Tommy

I did use the JWT API key. I also changed that 22 to 36 and got the Web SDK to work. It connects just fine when the bad assumption is fixed. Didn’t they tell you that they give out JWT API keys that are 36 characters in length?

@tommy How can I show you that our API keys are all 36 characters in length?

The JWT App key provided to us by Zoom is 36 characters in length.
The SDK Key provided to us by Zoom is also 36 characters in length.
We have an old OAuth key that’s 22 characters in length.

The Zoom Web API works just fine when you change that bad code to remove the requirement that it’s 22 characters in length.

This is a screenshot of our JWT key where I have obscured 1/10 of all characters and the final 5 characters. There are definitely 36 characters in the JWT Key you gave me.

image

This is a screenshot when in the meeting. Look, it works with a 36 character JWT API Key!

Hey @tanderson,

Thanks for sharing these details. (CS-1928)

Can you provide the account # of the owner of the JWT App?

-Tommy

@tommy
Assuming that the account number is not privileged info.

Thanks @tanderson, I will keep you updated on a resolution! :slight_smile:

-Tommy

Hey @tanderson,

We have confirmed this to be an issue on our end. We are working to fix the Web SDK logic to allow longer JWT API Keys.

Thanks,
Tommy

1 Like