After a lot of testing and comparing the config for successful joins against unsuccessful joins, I discovered there was, in fact, an unreported issue with the signing token in our signature. I think this should trigger a specific error, or at least a signature error. This error and behaviour of this error was unnecessarily baffling and had us looking everywhere but the problem.
If you’re working in .Net you don’t have a good option for base 64 URL encoding that zoom supports out of the box. Unfortunately Zoom (at least when I read it) doesn’t specify which character replacements that need to happen for signatures to work, just that “=” need to be trimmed from the end of tokens.
You may think that HttpServerUtility.UrlTokenEncode does what you need, but it adds a substitution digit to replace the “=” signs though it does encode “+” and “/” correctly. Your other option is to find Base64UrlEncoder buried in the Microsoft.IdentityModel.Tokens namespace that comes with a ton of different dependencies for you to use 1 function and probably won’t come up much if you’re googling this unless you dig through StackOverflow comments.
The below function can be used to encode all 3 sections of the JWT token/signature that is needed to start/join meetings with Zoom.
Hopefully Zoom will make the effort to update the error reporting to be more specific/clear; at least clear enough to identify the issue causing joining the meeting to fail. Ideally they will also eliminate abnormal behaviour (not calling the error lambda) with errors. This way these things are more predicable and loggable and we can at least know where to focus our effort when debugging. It’s one thing to not be able to report “there is a + symbol in your signature” but at the very least you should be able to report “the signature is not valid” and make sure the error lambda is called as expected so the developer can log these errors instead of relying on screenshots from end users.
Code for VB.Net developers to encode their signatures for Zoom. Feel free to use this if you found this post searching the forum with a similar issue. Zoom also has permission to use this in their documentation if they want.
''' <summary>
''' Generates an RFC compliant Base64 URL Encoded string
''' </summary>
''' <param name="data">Byte array of the data to encode</param>
''' <remarks>
''' RFC 4648 - https://datatracker.ietf.org/doc/html/rfc4648#section-5
''' RFC 7515 - https://datatracker.ietf.org/doc/html/rfc7515#section-2
''' </remarks>
''' <returns>RFC Compliant Base 64 URL Encoded String</returns>
Public Shared Function Base64UrlEncode(ByVal data As Byte()) As String
Dim base64Data As String = Convert.ToBase64String(data)
base64Data = base64Data.Replace("+", "-") ' Required by RFC 4648; Section 5
base64Data = base64Data.Replace("/", "_") ' Required by RFC 4648; Section 5
base64Data = base64Data.TrimEnd("=") ' Required by RFC 7515; Section 2
Return base64Data
End Function