Signature is invalid. Code 3712 on some meetings

I’ve deployed a version after testing it on the web, it worked well.
After another user tried to join using his own meeting room via the website, it fails with Signature is invalid. Code 3712.

When I try to join HIS meeting id, it also fails like this.

When HE is trying to do it with MY meeting ID it works well, also when I try to do it with mine.

  • The code always tries to join with a host role, but I don’t think it’s a problem since it automatically switches to guest if you are not eligible to host.

version: CDN 1.83

Is it mandatory to supply a “role” parameter in ZoomMtg.join as well? (since we already supplied it via the JWT generation…)
EDIT: Never mind, adding the “role” parameter to ZoomMtg.join is getting it stuck on “joining meeting” for all the rooms I tried.

JWT Code:

function createToken() {

        // Prevent time sync issue between client signature generation and zoom 

        const timestamp = new Date().getTime() - 30000;

        const msg = Buffer.from(ZOOM_API_KEY + meetingNumber + timestamp + role).toString('base64');

        const hash = crypto.createHmac('sha256', ZOOM_API_SECRET).update(msg).digest('base64');

        const signature = Buffer.from(`${ZOOM_API_KEY}.${meetingNumber}.${timestamp}.${role}.${hash}`).toString('base64');




Would be appreciated to solve it asap, thanks.

Did you check the account level? Coz, if you are doing everything right, the issue might be the account level access for the web SDK. It is only available for the pro, business and enterprise-level users or developers added to those accounts.

I’ve tried with another PRO user… He created a meeting, and I tried joining via the page I created. It doesn’t work, same error. Signature is invalid.

Seems like I’m able to join only to meetings I’ve created. What am I doing wrong?

" To host a meeting through the Web SDK, the meeting ID will need to be on the same account as your API Key. In other words, your Web SDK app will be able to host meetings for users on your account."

Does that mean that USER A with a PRO account which is not under my account cannot open his own meeting and join via the website?

How else am I supposed to allow people to join and host their own meetings?
I’m supposed to auto create meeting room and allocate it for them? if so, then what is the point of the meeting id field, etc… + in this scenario they still won’t be able to host.

Can an admin please elaborate on the subject? Where is the doc page that lays out directly a list of all the restrictions and limitations of the SDK?

It’s urgent, may I please get the clarification? we’ve been told that ANYONE with a Pro account will be able to use it, which I understood as use with his own meeting rooms.

What is the right way to implement a website in which anyone with a pro account can join his own pre-created (e.g. using the regular Zoom application) ?


Hey @Mikron,

Happy to clear this up for you! :slight_smile:

You can join meetings you or any other Zoom account has created with the Web SDK. However, you can only start your own meetings (meetings owned by the same account as the JWT App) for obvious security reasons.

We are working to allow OAuth apps to be compatible with the Web SDK in the sense that users can give authorization to have meetings be started on their behalf. More details on that here:

After reading this, if you are still having issues with the designed flow, please share your Web SDK signature for a test meeting so we can debug the issue! :slight_smile:


Thank you for the answer.

I still don’t understand the flow of letting other users to join their own meeting - If they cannot then the whole website is useless and our hard work was in vain.

What is the correct workflow for now?

  1. The random user asks the server for an available room.
  2. Can the Node server create a room on behalf of the JWT owner by demand and return the details?
  3. Then the random user will connect using those details.

EDIT: This flow is also wrong as the JWT user can only have 1 active meeting at a time.

Can you elaborate on this:
“In the meantime, I suggest having the host of the meeting start the meeting via the start_url and Zoom App, and then have the other participants join via the Web SDK.”

IF a user (who is not the JWT user) will first open THEIR meeting using the Zoom app, enter it, then try to join via the website, it will work?

Edit: Also failed.


Hey @Mikron,

The only limitation, is you cannot start a meeting not owned by the same Zoom account/company account as the JWT App. Does that make sense?

The JWT App/Web SDK can host multiple meetings at the same time so long as the meetings were created by seperate users (hosts).

Yes, any user can join a meeting with the Web SDK.

I am happy to explain this to you further over a Zoom meeting if you would like. :slight_smile:


“The JWT App/Web SDK can host multiple meetings at the same time so long as the meetings were created by seperate users (hosts).”

So again, there is no real workflow that works automatically to give arbitrary Pro Zoom users to use our website. By what you wrote, I’ll need to add them as a host which is of course not a viable solution and doesn’t give you flexibility with the SDK.

Yes, I would love a Zoom meeting with you Tommy,

Hey @Mikron,

Exactly why we are working on this :slight_smile:

I will send you meeting details.


Can I be on this Zoom mtg as well? I too am having a tough time understanding how to let clients use my website to run their zoom meetings if they do not all have their own API Key/Secrets that I custom enter for each meeting???


We solved it. let me stress out the details:
For now, clients can only login as guests to the meetings.

So I changed the role on the JWT token to 0 - guest.
However, the problem continued since I also sent the role parameter 0 for ZoomMtg.Join - so I removed the parameter, and only then it worked.

Good luck

Hey @Mikron,

Thank you for the update, I really appreciate that you added the solution you found with @tommy to this thread. Does that make sense @rmmackay? Let me know if you have any questions.


1 Like

If everyone can only join as role 0, then it is not a solution. We need our clients who are going to be the host of their zoom meetings inside our application, to be able to join as the Host. To have to launch zoom outside of our app, assign their ‘duplicate’ entry as a co-host, then logout out of Zoom so they are left with just the one, now host, entry in our app - is a real PITA for them and not a solution. It should be that whatever Zoom account created the meeting, a user from that account can enter into our app’s zoom meeting as a host.

Hey @rmmackay,

We are planning to improve this flow. Please see my post here:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.