I’ve created a webinar registration system on our website to handle payments, and I use the API to then send those registration details to Zoom. It’s worked flawlessly in the past, but when I put up registration for our latest webinar last week, I started getting 401 unauthorized responses. Nothing in the code or environment has changed, with the exception of the typical Windows updates on the server.
I’m using the Firebase library to generate the JWT token, I’ve verified that the API key and secret are correct, and I’ve even regenerated the secret, all to no avail. I’m using PHP 5.6.31 on IIS 7.5 (Server 2008R2).
I contacted support, but this is (understandably) a little beyond what they can solve, other than telling me that my account looks fine.
My code actually looks pretty similar to what’s in the API documentation, with the exception of using stream_context_create and file_get_contents to get the response. The endpoint I’m targeting is /v2/webinars/{webinarId}/registrants.
Can you make sure the Firebase library is generating an integer for the exp value? Also, can you post the request payload that you are using to call the API?
The exp value is being set as time() + 60, so it is generating as an integer, which I’ve verified by checking the token in the debugger on jwt.io. The request is a json_encode of an array with all the necessary info: $userInfo = array(‘email’=>$email, ‘first_name’=>$firstName, ‘last_name’=>$lastName, ‘city’=>$city, ‘state’=>$state, ‘zip’=>$zipcode, ‘country’=>$country, ‘job_title’=>$jobtitle);
Through the playground site, it appears to work just fine. I put the webinar ID in and the output of json_encode on my registrant array, and the registrant did show up in the registrant list.
Ok since it’s working with the playground. Let’s see if it has something to do with the Firebase library token as other users had issues with that before.
Can you generate your jwt token using the firebase library?
Afterwards, use Postman to make the same call you did within playground but using the token generated by Firebase.
If you are able to make the a successful call then it might be something with the php codebase, if not then we might need to investigate further how the firebase is generating the token.
Ok, so I used my code to generate a longer lasting token (in production it’s 60 seconds), and I can successfully add a webinar registrant using postman.
I think I figured it out. Just on a whim, I set the token expiration to be time() + 120 instead of time() + 60. Suddenly registration worked as expected. When I looked at the time on my webserver, it was almost 2 minutes behind, so for some reason it wasn’t correctly synchronizing the time. My guess is that it was more than a minute behind the time on the zoom server, so even though I was using the token immediately, from the zoom server perspective, it had already expired.
Thanks for all your help, though! I didn’t know about the playground or Postman before this!