I am creating this post to request some help regarding the upcoming JWT deprecation. I am attempting to find out for certain whether or not my company’s SSO set up uses anything in relation to JWT, and if it will be necessary for us to migrate to OAuth.
For context I am only a desktop technician, and have been assigned to find this information despite my complete and total ignorance on any of these systems (read: it’s not my department or responsibility, but orders are orders). I have spoken to a Zoom rep but have not received a definitive answer.
Exactly what I am looking for: How can I find out for sure whether or not we will be affected by this JWT deprecation? Or, where can I look to tell me for certain that we are using JWT and need to migrate to OAuth?
I apologize if this is not the correct place for such a question, but after trawling through many articles, guides, and FAQs on this subject and still not understanding much of what I am reading, I just am not sure where else to turn.
You would need to see what applications are in and making requests to Zoom APIs through marketplace.zoom.us. Do you know the developer email or account number for your company? If so, let me know and I’ll private message you to get this information and check. Please note, if you do not have access to that user and login info, your company would need to go through a formal request to transfer the application to a new user and that may take several weeks or longer to complete.
Thanks so much for your response. I do have the account number. What do you mean by developer email? My company Zoom account has been given administrator access, so I’m not sure if that would be sufficient.
Meaning that if there was a developer or admin who created an application on Zoom Marketplace that is making calls to Zoom APIs, you’d need that email/login info to actually see the applications and determine if your company would be impacted by the JWT deprecation.
You do not inherently need an application to use SSO with Zoom, but some accounts do create SSO users via API through their apps.
Honestly, given you are tasked with discovering this, I am assuming your company is not using the Zoom API because the person making the requests would be well aware and informed of the usage.
You can also follow up with support and ask them if your account has an API plan and if there have been requests made to Zoom API.
Agreed, I would have assumed that this person would be aware as well, but for some reason I’m still being pressured to find this information.
After asking a lot of questions internally I have found that there are currently API calls being made to our JWT app that I can see on the Marketplace. However from what I can gather the app is being used for scheduling and recording(these are the logs that I am seeing). This leaves me with two last questions:
Will the JWT deprecation affect account auto-provisioning and authentication the way we are currently set up?
Also, I’ve seen an article that states that the deprecation is happening September 1, that we will be able to continue using the JWT application until September 1. Can you confirm that this is the case?
I know the first question you would probably need a lot more information to answer, but if I can get confirmation on the second that would definitely ease a bit of pressure off me.