###Secret Token Change - Zoom Apps Deauthorization Notification
Our Zoom app has an endpoint configured for our app’s Deauthorization Notification (Deauthorization).
We are currently using our app’s Verification Token to verify that requests coming to this endpoint are from Zoom. However, Zoom is retiring the usage of this Verification Token in October, and pivoting to using the Secret Token.
Our Zoom app does not yet have a Secret Token generated. We need to press the Generate button to obtain it.
Before we generate the Secret Token and change our endpoint to verify incoming requests using this Secret Token, we want to ask:
- If we press the Generate button to obtain the Secret Token, will it stop sending the Verification Token to our Deauthorize Notification endpoint?
- When the Verification Token expires, do we have to follow the HMAC SHA-256 hashing in our Deauthorization Notification endpoint as specified here (Using webhooks) to verify that the request came from Zoom?