I am having an issue while calling get API for authentication in the access token.
I have created access token based on https://jwt.io/ but it gives me an error “The Token’s Signature resulted invalid when verified using the Algorithm: HmacSHA256” in Postman
Guys, I’m also facing the same issue, my api response giving me
The Token’s Signature resulted invalid when verified using the Algorithm: HmacSHA256
and I’m sure that my Jwt token still not expire, mmmm what should be the reason for this case?
Guys, I solved it and it’s working well now
First I remove the old token which I generated from https://jwt.io/
and I used the zoom website https://marketplace.zoom.us/develop/apps/
under the tab app credentials > View JWT Token
I generated new one and found it working well with me
Thanks to you all
Hello All, I am new to zoom API, i am also face same i generated access token but i cant generate jwt token, first i generate to show the error of missing admin scopes then i added and regenerated the accesstoken but show as invalid access token https://api.zoom.us/v2/accounts?page_size=30&page_number=1&access_token=
Can you try calling a different API, like the GET Users API? Let me know if that works, if not then we know the access_token / JWT is not being made correctly and I can help accordingly.
To call the Accounts APIs you need to have special privilege.
I’m running into this issue. Spent several minutes trying to post anything but I keep getting errors about new users can’t submit more than two URLs (even though I listed only two) so my entire post is hosted at
Just to make sure progress is possible, I’m posting without any URLs:
I’m able to access the /users endpoint without issue using the test token from the credentials page.
When I try to create my own token using the jwt . io PHP 3.3 library, I get the error:
(
[code] => 124
[message] => The Token’s Signature resulted invalid when verified using the Algorithm: HmacSHA256
)
Nowhere in the Token generation code can I see any passing of the secret. Based on my reading of your documentation, shouldn’t this be included in the token generation code from jwt.io? In your documentation the secret is part of the signature: https :// marketplace. zoom. us/docs/guides/auth/jwt
Sample Code:
// As per documentation https ://github. com/lcobucci/jwt/tree/3.3
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Hmac\Sha256;
class JWT
{
[ … ]
function genToken() {
$iss = $this->apikey; // (This is the API key for my account)
$signer = new Sha256();
// $jti=rand(1, PHP_INT_MAX);
$time = time() -1;
$this->token = (new Builder())->issuedBy($iss) // Configures the issuer (iss claim)
->permittedFor($iss) // Configures the audience (aud claim)
// doesn’t seem to be used
// ->identifiedBy($jti, true) // Configures the id (jti claim), replicating as a header item
->issuedAt($time) // Configures the time that the token was issue (iat claim)
->canOnlyBeUsedAfter($time /* +60 */) // Configures the time that the token can be used (nbf claim)
->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
->withClaim(‘uid’, 1) // Configures a new claim, called “uid”
->getToken($signer); // Retrieves the generated token
return $this->token;
}
}
[ … ]
FROM ZOOM EXAMPLE
$curl = curl_init();
$token = “” . $JWT->genToken(); // force a string
Note: if I comment this out, $token contains the sample token from your JWT App Credentials page