Serious Confusion Regarding Different App Types

I have a web application that I’m adding Zoom to. Technically I have added it and everything is working fine for me. I’m now trying to get things working for my end users and here’s where the confusion comes in.

My web application uses a Java backend that manages users’ meetings. This requires that users authenticate their Zoom accounts using OAuth. This required me to create an OAuth app in the Marketplace.

The web application will also launch the Zoom browser app so that users can Start and Join meetings from within my web app. This required that I create a Web SDK app in the Marketplace.

Also, in order for the Zoom browser app to work properly, a signature needs to be generated and passed to the Web SDK. In order to generate a signature, an API Key and Secret are needed and that required that I create a JWT app in the Marketplace.

Having to create 3 different apps in the Marketplace to get Zoom working with my web application was pretty confusing to say the least, but I finally have it working. For me. I thought it would work for my end users also, but apparently not.

I discovered that in order to the get things working for my end users, I need to actually publish my app in the Marketplace and make it publicly available. This is a bit confusing, because I’m not creating a standalone Zoom app. I’m just adding Zoom functionality to a much larger and broader web application. There is a lot of red tape involved in publishing an app on the Zoom Marketplace, which is understandable; however, my intention is not to make my app publicly available. I just want to provide Zoom functionality to my end users. Having to go through the entire Marketplace process to provide my end users with Zoom functionality is really cumbersome. The integration has been functional for several weeks now and I am still wrestling with getting Marketplace approval. Meaning my end users are still waiting on this functionality. But I digress.

Here’s the real problem. I’m stuck in the Marketplace approval process because the app failed testing due to an “Invalid Signature” error and I’m not sure why it failed or what the tester was trying to do when they received the failure. It appears they were trying to use the Join Meeting functionality from within my app. However, I can Join a Meeting with no problem from within my app, so I am assuming the problem has to do with trying to Join a Meeting from a different Zoom account other than the account that was used to create the Marketplace app. But I can’t test and debug this problem myself, because I can only use the Zoom account that was used to create the app until the the app passes Marketplace approval. And as I said, everything works fine when using that Zoom account.

It’s quite exasperating. Maybe I’m overlooking something, but it seems impossible to test my app for the real world and get Marketplace approval if I cannot login into the app using an account other than the account that was used to create the app. Also, there doesn’t seem to be a direct way to communicate with the tester to get clarification on problem.

My suspicion is that since I had to create 3 different Marketplace apps to get all the functionality working properly, that I’m requesting publication of only one of those apps (the OAuth app), and that the error is related to an Invalid Signature which is tied to the JWT app, that maybe JWT app also needs to be published. But I’m just guessing at this point. Since I can’t debug the application in the same way as the Zoom tester, all I can do is guess.

Has anyone else gone through this same process and able to shed some light on this for me?

Hey @m.warble,

Thank you very much for laying out your issue here in such detail, and my sincere apologies that this has created so much work for you—this is definitely not the experience we want for developers like yourself, and we’re working on improving this flow going forward. I’ll be sharing your feedback with my team.

For now, I’d definitely like to make sure we can help you test this. Given that you’re not able to test outside of your account at the moment in order to replicate what your tester experienced, I do think there’s one step we can take to make this a bit easier: allowing you access to a publishable URL.

Before your app is published, you can request to share it outside of your account for testing purposes like you’ve described. To do so, you can click the link outlined in the image shown here. In your request, you can include the details like you’ve described them here.

Hopefully, once you can test with this temporary access, you’ll be able to get over the hump here.

I hope this helps, and please let me know how it goes!


I’ve debugged this issue some more and have some more insight into it; however, I still have not resolved the issue. I’ve posted a new topic that I hope is more coherent than this post. It can be found here: Zoom OAuth + JWT Issues

Hi @m.warble,

Thanks—we will take a look at your other post.