Want to make entirely sure that it’s okay to expose our JWT app API Key through client-side operations (usage in web SDK) and that no encryption is needed. I know the API Secret should absolutely not be exposed, but I couldn’t see it anywhere specified whether the same was true for API Key.
Thank you for reaching out to the Zoom Developer Forum. Good question! It is indeed safe for you to expose your API Key in the Client-Side code of your application. As you noted, it’s the API Secret that you’ll want to secure through encryption when you provide a signature to the Client-Side.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.