New Webhook URL Validation issue

I had a support ticket that got escalated with final email indication to post in here.

We have groups that integrate into our platform using JWT app and we all of the sudden are getting reports on this when they are trying to follow through with zoom integrations with the event notification endpoint URL. Basically a “URL Validation failed. Try again later.”

We have verified that the webhook endpoint requirements are being met. The webhook url hasn’t changed in years.

  1. It is https://
  2. We verified via a 3rd party tool that TLS 1.2+ is required and SSL cert is issued by a CA. SSL Server Test: (Powered by Qualys SSL Labs)
  3. The domain is FQDN.
  4. The endpoint does accept POST with json body
  5. and will return the appropriate HTTP status code.

Is there any indication of which of these is causing the validation failure?

Hey @reid,

Sometimes validation can fail because you aren’t setting the status correctly, or the encryption token that was sent back doesn’t match the encryption token in the header.

Can you confirm that the status is being set to 200 or 204 and that the encryption tokens match?

@reid Hope you will be fine.

Which platform you are using e.g NodeJS or no-code platforms?

Here is NodeJS validation sample :point_down:'/api/zoom/events', async (req, res) => {
        if (req.body.event == 'endpoint.url_validation') {
            let encryptedToken = crypto.createHmac('sha256','Your Secret Token').update(req.body.payload.plainToken).digest('hex');

            return res.json({
                plainToken: req.body.payload.plainToken,
                encryptedToken: encryptedToken

Here is the session → How to enable Zoom WebHooks.

I’m trying to validate the webhook URL in Zoom using AWS Lambda and getting error as “URL Validation failed. Try again later" and not able to validate the URL.I have followed the same steps which is given in Documentation .

I can able to validate the URL by using VS code and facing this issue only on AWS Lambda.

I’m facing the issue while checking the condition if (req.headers[‘x-zm-signature’] === signature) ,x-zm-signature and signature is getting varied.

Here is NodeJS validation sample :point_down:

const crypto = require(“crypto”);

function oauthValidator(req){
var response

const message = v0:${req.headers['x-zm-request-timestamp']}:${JSON.stringify(req.body)}

const hashForVerify = crypto.createHmac(‘sha256’, process.env.ZOOM_WEBHOOK_SECRET_TOKEN).update(message).digest(‘hex’)

const signature = v0=${hashForVerify}

if (req.headers[‘x-zm-signature’] === signature) {

if(req.body.event === 'endpoint.url_validation') {
  const hashForValidate = crypto.createHmac('sha256', process.env.ZOOM_WEBHOOK_SECRET_TOKEN).update(req.body.payload.plainToken).digest('hex')

  response = {
    message: {
      plainToken: req.body.payload.plainToken,
      encryptedToken: hashForValidate
    status: 200
  return {

} else {
  response = { message: 'Authorized request to Webhook Sample Node.js.', status: 200 };
  return {


} else {

response = { message: 'Unauthorized request to Webhook Sample Node.js.', status: 401 };

return response;


Please help me on to get this validation done. Thanks…!

Hi @Uma , did you find the solution with aws lambda? I am also facing same issue, please let me know if you get the solution.

Did you use aws lambda to solve the problem? I’m having the same problem, so if you find a solution, do let me know.