Signature is invalid, again

We’ve used the Zoom Web SDK successfully in the past on a different site with this ruby on rails code on the backend generating the signature:

def signature
    require "base64"
    require 'openssl'
    timestamp = ( * 1000).to_i  - 30000
    meeting_number = params["meeting_number"]
    role = 0 # 0 for participant, 1 for host

    message = Base64.strict_encode64("#{ENV["ZOOM_API_KEY"]}#{meeting_number}#{timestamp}#{role}")
    hash = Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', ENV["ZOOM_API_SECRET"], message))
    signature = Base64.strict_encode64("#{ENV["ZOOM_API_KEY"]}.#{meeting_number}.#{timestamp}.#{role}.#{hash}")

    render json: {
      msg: "Success",
      signature: signature

I’ve verified that ENV[“ZOOM_API_KEY”] and ENV[“ZOOM_API_SECRET”] are accurate by checking in the rails console in staging. I’ve deployed again just to force a restart, and ensure that ENV variables are reloaded.

When this signature generated in this way is used on a Zoom embed, the embed remains black and a message appears that says “Signature is invalid”. The error code in the js console says the error code is 3712.

Which version?

Passcode obscured, not that it’s important. This is just a test meeting.

Additional context
Macbook, Chrome broswer Version 85.0.4183.102

I get the same error with version 1.7.10, and 1.8.0.

The generated signature is:

Nevermind. I was using the wrong API/Secret.

1 Like

Happy to hear you got it sorted out! :slight_smile:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.