Signature is invalid for Web SDK and JWT app

I followed your docs step by step, and now I get Signature is invalid when trying to join to a meeting.

Browser Console Error
I only see this error:

errorCode: 3712
reason: "Signature is invalid."

Which Web Meeting SDK version?
2.0.1 ("@zoomus/websdk": “^2.0.1”,)

Meeting SDK Code Snippets
Here’s my C# Controller code to generate signature:

static readonly char[] padding = { '=' };

public object GenerateToken(string meetingNumber)
    var apiKey = Config.GetSetting("ZoomApiKey");
    var apiSecret = Config.GetSetting("ZoomApiSecret");
    String timestamp = (ToTimestamp(DateTime.UtcNow.ToUniversalTime()) - 30000).ToString();
    var role = "0"; // 1 for host, 0 for participant

    string message = String.Format ("{0}{1}{2}{3}", apiKey, meetingNumber, timestamp, role);
    apiSecret = apiSecret ?? "";
    var encoding = new System.Text.ASCIIEncoding ();
    byte[] keyByte = encoding.GetBytes(apiSecret);
    byte[] messageBytesTest = encoding.GetBytes(message);
    string msgHashPreHmac = System.Convert.ToBase64String(messageBytesTest);
    byte[] messageBytes = encoding.GetBytes(msgHashPreHmac);
    using (var hmacsha256 = new HMACSHA256(keyByte)) 
        byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
        string msgHash = System.Convert.ToBase64String(hashmessage);
        string token = String.Format("{0}.{1}.{2}.{3}.{4}", apiKey, meetingNumber, timestamp, role, msgHash);
        var tokenBytes = System.Text.Encoding.UTF8.GetBytes(token);
        return new 
            Signature = System.Convert.ToBase64String(tokenBytes).TrimEnd(padding)

public static long ToTimestamp (DateTime value) {
    long epoch = (value.Ticks - 621355968000000000) / 10000;
    return epoch;

As you can see, I just copied your code from docs and restructured it inside a controller. I also changed the return type. That’s all.

To Reproduce(If applicable)
Steps to reproduce the behavior:

  • Create a JWT app in
  • Create a C# controller to return signature (using doc’s C# example)
  • Create a react component to use that signature and meeting number + password to join a meeting
  • Provide API Key from app’s credentials page to both react and C# controller
  • Provide API secret from app’s credentials page


I tried to attach images, but your system complained that:

Sorry, you can’t embed media items in a post.

Device (please complete the following information):

  • Device: [Lenovo Thinkpad]
  • OS: [Ubuntu 20.04, react docker => node:14-buster-slim, C# docker => Debian GNU/Linux 10 (buster)]
  • Browser: [Chrome]
  • Browser Version [95.0.4638.54 (Official Build) (64-bit)]

Additional context
To be honest, your documentation is very confusing and vague. I did not have a good developer experience up until here. But I also thank you for creating such an amazing platform.

I also tried it with your node API that is ready to use. Still the same error.

Hey @nefcanto,

Thank you for reaching out to the Zoom Developer Forum. First, please make sure that you are using the API Key and Secret from a JWT App. From there, you may find this historical post to be useful:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.